Security gap in Rarible NFT Marketplace with more than 2 million monthly users

Check Point Research (CPR) has identified a security flaw in Rarible, the NFT marketplace with over two million active users. Had it been exploited, the vulnerability would have allowed the theft of a user's NFTs and crypto tokens in a single transaction. CPR immediately informed Rarible of the findings, which acknowledged the security flaw.

The revelations of CPR mark the second discovery of a security flaw by its researchers in an NFT marketplace. By October 2021, CPR had identified security issues in OpenSea, the world's largest NFT market. A similar attack on Jay Chou, a famous Taiwanese singer whose NFT was stolen and sold for $ 500.000, prompted CPR to investigate Rarible.

• A successful attack would come from a malicious NFT within Rarible itself, where users are less suspicious and familiar with trading

Exploitation starts when a victim receives a link to the malicious NFT, which they then visit with one click

CPR warns that we will continue to monitor crypto wallet theft worldwide and shares four security tips

In 2021, Rarible had a trading volume of over $ 273 million in 2021, making it one of the largest NFT markets in the world.

Attack Methodology

The CPR described the method of attack as follows:
1. The victim receives a link to the malicious NFT or clicks on it while browsing the marketplace.
2. The malicious NFT executes JavaScript code and attempts to send a setApprovalForAll request to the victim.
3. The victim submits the request and gives the attacker full access to this NFT / Crypto Token.
The Motivations of Research

On April 1, CPR witnessed a similar attack on the famous Taiwanese singer Jay Chou, who was tricked into submitting a transaction that led to the theft of his BoardAppe NFT 3738, which was later sold for $ 500.000. This fact aroused the interest of CPR, as the victim of this method can be any holder of crypto / NFT.

CPR immediately launched a thorough investigation into Rarible with the motive of preventing the seizure of an account and the theft of cryptocurrencies.

CPR's current findings are based on previous research in October 2021, where they found significant defects in OpenSea, the largest NFT market in the world. If left unrepaired, vulnerabilities discovered on the OpenSea platform could allow hackers to steal user accounts and entire cryptocurrencies, creating malicious NFTs.

Responsible Disclosure

CPR unveiled its findings at Rarible on Tuesday, April 5, 2022, which acknowledged the security flaw. CPR believes that Rarible will have been repaired by this publication.

Comment by Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software:

"At CPR we have invested significant resources in encryption and security research. What we are seeing are serious attempts by cybercriminals to steal cryptocurrencies and make big profits especially from NFT markets. Last October, we discovered critical security flaws in OpenSea, the largest NFT market in the world. Now, we have identified similar vulnerabilities in Rarible. In terms of security, there is still a huge gap between Web2 and Web3 infrastructure. "

"Any small vulnerability opens a backdoor to cyber criminals and allows them to seize crypto wallets in the background. We remain in a situation where markets that combine Web3 protocols lack substantial security practices. The consequences of an encryption breach can be extreme. We've seen millions of dollars stolen from market users who combine blockchain technologies. Currently, I expect a steady increase in cryptocurrency theft. Users need to pay attention. At the moment they have to manage two types of wallets: one for most of their encryption and another only for specific transactions. In case the wallet for specific transactions is violated, users do not lose everything. At CPR we will continue to investigate the security implications of the new frontier of blockchain technology. "

Safety Tips

CPR recommends that you be careful whenever you receive signature requests even within the marketplace itself.
• Before approving a request, users should carefully consider what is being asked of them and see if the request seems unnatural or suspicious.
• If in doubt, users are advised to reject the request and consider it further before granting any kind of authorization.
• Users are advised to check and revoke tokens approvals from this link: The Best Technology Site in Greece
Follow us on Google News

Rarible, nft, marketplace, JavaScript, iguru

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).