Bored Ape NFT Owner Sues OpenSea Over Stolen Assets
- OpenSea gets sued by NFT owners.
- Users argued that the platform acted blindly to the security violations happening.
OpenSea, ‘a gas-free marketplace for NFTs on Polygon, fell prey to a $1.7 million phishing hack in NFTs and frequent scams on the NFT platform this year. The chaos for the company has been increasing ever since. Currently, it is facing lawsuits from three plaintiffs, the ones who lost access to their Bored Ape Yacht Club NFTs.
Timmy McKimmy of Texas, Michael Valise of New York, and Robert Armijo of Nevada have lost their Bored Apes in a hack as there was a security vulnerability and a social engineering attack respectively. Interestingly, the hacks faced by McKimmy and Valise were similar but it is still not clear if it was done by the same person. They are therefore suing OpenSea for a security breach as they lost significant NFT. The platform also was not allowing them from cashing the advantages of claiming Bored Apes.
McKimmy’s lawyer, Ash Tadghighi said, “Een through McKimmy didn’t have his NFT listed for sale, OpenSea requires you to connect a wallet, and so people can see what NFTs are in that wallet and can make offers on unlisted NFTs. Exploiting a security vulnerability, the hacker made an offer, hacked the code, and accepted the offer on behalf of Mr. McKimmy. So he basically sold it to himself and within the hour sold it to another user.”
The public transaction records from February 7 show that the NFT was sold by the hacker to themselves for .01 ETH and then sold for 99 ETH to another client. However, BAYC said that the currency was ApeCoin, so the holders were able to claim them but McKimmy and Valise could not do the same as the hacker stole their coins.
Still, Tadghighi and Dao claimed that OpenSea ignored the security issues and kept functioning anyway. This eventually caused inconvenience to the users who followed all the instructions given by OpenSea.
One of the customer complaints reads, “OpenSea has prioritized growth over consumer safety and the security of consumer’s digital assets,” which is a serious allegation that can harm the reputation of the platform.