The controversial NFT platform OpenSea is getting sued by owners of Bored Ape NFTs who lost access to their assets.
Three different plaintiffs have sued OpenSea over losing access to their NFTs due to security vulnerabilities. All three accusers owned NFTs from the Bored Ape Yacht Club series. These include Timmy McKimmy (Texas), Robert Armijo (Nevada) and Michael Valise (New York). The plaintiffs claim that they lost access to their NFTs after attacks caused by security vulnerabilities in the OpenSea platform.
McKimmy’s lawyer explained that due to OpenSea requiring customers to connect their wallet to the platform, others could see the NFTs in the wallet and make offers on it – even if the NFTs are not on sale. Taking advantage of a security loophole, on February 7th hackers made an offer for McKimmy’s NFT and then accepted the offer on the latter’s behalf. The hacker sold the NFT to himself for 0.1ETH and then sold it to another user for 99 ETH. The wallet used for the transaction then disappeared.
The other plaintiff, Michael Valise, was also a victim of a similar attack, though it is not clear if the attacker was the same. Robert Valise, on the other hand, was a victim of social engineering attack, where a potential client stole his NFTs through a fraudulent link. McKimmy’s lawyer further shared that his client had tried to contact OpenSea multiple times for getting access to his NFT or get compensated for the same, but got no conclusive response from the company. The lawyer, Ash Tadghighi, also said the case was ‘first of its kind’ since there was no precedent for it.