{"id":18186,"date":"2022-02-03T08:30:11","date_gmt":"2022-02-03T16:30:11","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/02\/03\/news-11919\/"},"modified":"2022-02-03T08:30:11","modified_gmt":"2022-02-03T16:30:11","slug":"news-11919","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/02\/03\/news-11919\/","title":{"rendered":"Flaw in OpenSea allows for NFT to be sold at a fraction of price. | Kaspersky official blog"},"content":{"rendered":"<p><strong>Credit to Author: Jeffrey Esposito| Date: Thu, 03 Feb 2022 16:25:02 +0000<\/strong><\/p>\n<p>For the 237<sup>th<\/sup> episode of the <a href=\"https:\/\/www.kaspersky.com\/blog\/?s=podcast\" target=\"_blank\" rel=\"noopener\">Kaspersky <em>Transatlantic Cable<\/em> podcast<\/a>, Ahmed and I ask Dave to dive back into the NFT sea for a pair of stories, both of which center around OpenSea.<\/p>\n<p>The first story comes to us from Vice where Joseph Cox looks into an issue where NFTs may be running third party code without the user&#8217;s awareness \u2013 in some instances obtaining a IP address for people viewing an NFT. The second story discusses a bug in OpenSea where hackers are able to buy NFTs for previous prices and then flip them for more \u2013 all without the current owner&#8217;s knowledge.<\/p>\n<p>We then shift focus to Apple to discuss the company&#8217;s new response to Air Tags being used for stalking purposes. The question is though, why wasn&#8217;t this safety guide already around?<\/p>\n<p><span class='embed-youtube' style='text-align:center; display: block;'><iframe class='youtube-player' type='text\/html' width='100%' height='420' src='https:\/\/www.youtube.com\/embed\/jjt9Qx9MBPk?version=3&#038;rel=1&#038;fs=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;wmode=transparent' frameborder='0' allowfullscreen='true' style=\"\"><\/iframe><\/span><\/p>\n<p>We then jump into the metaverse and debate whether or not this is something that the world really needs to happen. To close out the podcast, we discuss Signal&#8217;s new move to incorporate anonymous payments into their future products.<\/p>\n<p>If you liked what you heard, please consider subscribing and sharing with your friends. For more information on the stories we covered, see the links below:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.vice.com\/en\/article\/xgdvaz\/nft-steal-ip-address-opensea\" target=\"_blank\" rel=\"noopener\">This NFT on OpenSea Will Steal Your IP Address<\/a><\/li>\n<li><a href=\"https:\/\/bitcoinist.com\/hacker-exploits-opensea-bug-that-undervalue-nfts\/\" target=\"_blank\" rel=\"noopener\">OpenSea Bug Opens Platform To Hack<\/a><\/li>\n<li><a href=\"https:\/\/www.bbc.com\/news\/technology-60164847\" target=\"_blank\" rel=\"noopener\">Apple unveils AirTag safety guide amid stalker fears<\/a><\/li>\n<li><a href=\"https:\/\/www.wired.com\/story\/metaverse-big-tech-land-grab-hype\/\" target=\"_blank\" rel=\"noopener\">Big Tech Needs to Stop Trying to Make Their Metaverse Happen<\/a><\/li>\n<li><a href=\"https:\/\/www.theverge.com\/22872133\/signal-cryptocurrency-payments-encryption-invite-regulator-scrutiny\" target=\"_blank\" rel=\"noopener\">How Signal is playing with fire<\/a><\/li>\n<\/ul>\n<p><iframe loading=\"lazy\" src=\"\/\/html5-player.libsyn.com\/embed\/episode\/id\/22012292\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/backward\/render-playlist\/no\/custom-color\/00a88e\/\" frameborder=\"0\" scrolling=\"no\" marginwidth=\"0\" marginheight=\"0\"  width=\"100%\" height=\"420\" style=\"\"><\/iframe><\/p>\n<div class=\"podcast-subscribe\"><a data-omniture-download-button-type=\"TrialBuilds\" data-omniture-product-name=\"podcast-itunes\" class=\"itunes\" href=\"https:\/\/itunes.apple.com\/us\/podcast\/talk-security\/id909407206\" target=\"_blank\"><img decoding=\"async\" src=\"https:\/\/www.kaspersky.com\/blog\/wp-content\/plugins\/kaspersky-embeds\/img\/button-subscribe-apple.png\" \/><\/a><a data-omniture-download-button-type=\"TrialBuilds\" data-omniture-product-name=\"podcast-spotify\" class=\"spotify\" href=\"https:\/\/open.spotify.com\/show\/1VGCKlOoQ9C24dJiCHGTK5\" target=\"_blank\"><img decoding=\"async\" src=\"https:\/\/www.kaspersky.com\/blog\/wp-content\/plugins\/kaspersky-embeds\/img\/button-subscribe-spotify.png\" \/><\/a><a data-omniture-download-button-type=\"TrialBuilds\" data-omniture-product-name=\"podcast-googleplay\" class=\"google\" href=\"https:\/\/play.google.com\/music\/m\/Iyc2gocjmpw44j4aafwzvd4uwee?t=Transatlantic_Cable_Podcast\" target=\"_blank\"><img decoding=\"async\" src=\"https:\/\/www.kaspersky.com\/blog\/wp-content\/plugins\/kaspersky-embeds\/img\/button-subscribe-google.png\" \/><\/a><a data-omniture-download-button-type=\"TrialBuilds\" data-omniture-product-name=\"podcast-rss\" class=\"rss\" href=\"http:\/\/talksecurity.kaspersky-podcasts.libsynpro.com\/rss\" target=\"_blank\"><img decoding=\"async\" src=\"https:\/\/www.kaspersky.com\/blog\/wp-content\/plugins\/kaspersky-embeds\/img\/button-subscribe-rss.png\" \/><\/a><\/div>\n<p> <input type=\"hidden\" class=\"category_for_banner\" value=\"ksc-trial-generic\" \/> <br \/><a href=\"https:\/\/www.kaspersky.com\/blog\/transatlantic-cable-podcast-237\/43537\/\" target=\"bwo\" >https:\/\/blog.kaspersky.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2022\/02\/03112349\/transatlantic-cable-podcast-237-featured.jpg\"\/><\/p>\n<p><strong>Credit to Author: Jeffrey Esposito| Date: Thu, 03 Feb 2022 16:25:02 +0000<\/strong><\/p>\n<p>This week on the Kaspersky podcast, Ahmed, Dave and I discuss a bug in OpenSea, NFTs running 3rd party code, Apple taking on stalkers and more.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10425,10378],"tags":[32,5820],"class_list":["post-18186","post","type-post","status-publish","format-standard","hentry","category-kaspersky","category-security","tag-news","tag-podcast"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18186","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18186"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18186\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}