1. QiAi QuestsHome
  2. AI & Tech Insights

A Cautionary Tale: “Zero Yuan Purchase” Phishing Attack Targeting Blur NFT Market

AI & Tech Insights 78 views

It is reported that recently, Scam Sniffer, the partner of Slow Fog Ecological Security, demonstrated a \”zero yuan purchase\” phishing attack test against the B…

A Cautionary Tale: Zero Yuan Purchase Phishing Attack Targeting Blur NFT Market

It is reported that recently, Scam Sniffer, the partner of Slow Fog Ecological Security, demonstrated a “zero yuan purchase” phishing attack test against the Blur NFT market’s batch listing signature. Through a “root signature” as shown in the figure, all NFTs authorized by the target user on the Blur platform can be fished out at a very low cost (specifically “zero yuan purchase”). The “root signature” format of the Blur platform is similar to “blind signature”, The user cannot recognize the impact of this signature. The slow fog security team verified the feasibility and harmfulness of the attack. All users of the Blur platform are hereby reminded to be vigilant. When finding “Root signature” from a non-Blur official domain name (blur. io), they must refuse it to avoid potential asset losses.

Slow fog: Be alert to the risk of “zero yuan purchase” phishing for the Blur NFT market

Interpretation of the news:


In recent news, Scam Sniffer, in partnership with Slow Fog Ecological Security, has reported a “zero yuan purchase” phishing attack test targeted at the Blur NFT market. The aim of the test was to demonstrate how a “root signature” allowed authorized NFTs owned by the target user on the Blur platform to be fished out at a low cost. The attack is harmful and carries the potential to cause significant financial losses for users.

The attack relied on the use of a “root signature”, which, when presented to the target user, allows access to all NFTs authorized by the user on the Blur platform. This “root signature” format is somewhat similar to a “blind signature” and can be easily overlooked by a user who is not aware of its impact. The aforementioned security teams have verified the feasibility and potential damage caused by such an attack.

It is recommended for all users of the Blur platform to be vigilant when presented with the “root signature” from a non-Blur domain name. The domain name in use should always be blur.io. Users must immediately refuse any signature presented from any other domain. Failure to do so may lead to potential asset losses.

The recent attack highlights the importance of heightened vigilance in the crypto space. The NFT market is highly popular, and as a result, it is necessary to implement robust security measures to avoid phishing and other cyber-attacks that exploit users’ personal information and assets.

In conclusion, it is imperative for all users, not only of the Blur platform but in the crypto space in general, to keep security at the forefront of their minds. This includes staying abreast of the latest phishing and other cyber-attacks and knowing how to identify attempts to compromise personal information and assets, such as the “root signature”.

This article and pictures are from the Internet and do not represent qiAiAi's position. If you infringe, please contact us to delete:https://www.qiaiai.com/ai/5593.html

It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.

Like (0)
Previous 03/07/2023 01:50
Next 03/07/2023 01:59

Related recommendations