Best Website-BuildersBest Website-Builders
    What's Hot

    The Papers: Passport strike and arrest warrant for Putin

    March 17, 2023

    Should You Wait for Wi-Fi 7 Before Upgrading Your Router? (2023)

    March 17, 2023

    Reddit – Dive into anything

    March 17, 2023
    Facebook Twitter Instagram
    Facebook Twitter Instagram
    Best Website-BuildersBest Website-Builders
    • Home
    • CSS

      Mānoa: Independent Report: “Appropriate and Timely” Response to UH Mānoa Athletics Concerns

      March 17, 2023

      Weak natural gas prices spur fuel switching in Europe

      March 17, 2023

      Kenya route presents supporters with new allies with 50 ministerial positions

      March 17, 2023

      Franz Ferdinand Leads 50 in New Daft Punk Book After Daft

      March 17, 2023

      Franz Ferdinand Leads 50 in New Daft Punk Book After Daft

      March 17, 2023
    • Joomla

      How Superior Web Hosting Support Can Drive Business Success

      March 17, 2023

      PANDACU Studio Website Development Cooperation First Page Sage SEO Dsign Chicago adstargets Cardinal Digital Agency

      March 16, 2023

      Bluehost Review: Best Solution for Your Web Hosting Needs? – WISH-TV | Indianapolis News | Indiana Weather

      March 15, 2023

      What’s New in Search? SEO Strategies for 2023

      March 15, 2023

      What’s New in Search? SEO Strategies for 2023

      March 15, 2023
    • PHP

      Children with cystic fibrosis aren’t automatically eligible for ‘make-a-wish’

      March 17, 2023

      Josh Duggar’s prison sentence extended

      March 17, 2023

      AI arms race heats up this week

      March 17, 2023

      Iranian girls detained for dancing TikTok in public

      March 17, 2023

      Financial YouTuber sued for promoting FTX

      March 17, 2023
    • UX

      Remember User Experience in Zero Trust Journeys

      March 17, 2023

      Best MA Sports Betting App User Experience

      March 17, 2023

      Chancery & Circuit Court & Estate Transfers – www.elizabethton.com

      March 17, 2023

      The Generative AI Revolution will Enable Anyone to Create Games

      March 17, 2023

      Using Technology to Create a Better Customer Experience

      March 17, 2023
    • Web Builders
      1. Web Design
      2. View All

      What Comes First in Website Development — Design or Copy?

      February 2, 2023

      Modern Campus Honors Best Higher Education Websites of 2022

      February 2, 2023

      Premier SEO Consultant in Las Vegas, Nevada with Unparalleled Customer Service

      February 2, 2023

      Can Religious Freedom Be Saved? This group is racing the clock to teach America’s first freedom

      February 2, 2023

      How i Create New Google Account

      February 7, 2023

      CWT powers tools for meeting and event planners

      January 31, 2023

      Best Website Builder – Website Builders

      January 24, 2023

      Is There A Market For Rap-Themed Slot Games? – Rap Review

      January 19, 2023
    • WordPress

      Google Photos could soon bring its AI editing capabilities to videos

      March 17, 2023

      Windows 11 update coming soon to make your PC more stable

      March 17, 2023

      Sorry, Ryzen 9 7950X doesn’t hit 6.3 GHz

      March 17, 2023

      FakeCalls Android banking scam is back

      March 17, 2023

      A much cheaper RTX 4060 GPU could be on the horizon if this leaked image is true

      March 17, 2023
    • Realtoz
      • Our Other Sites
    • More News
    Best Website-BuildersBest Website-Builders
    Home » Research Finds Attackers Can Reveal the Identity of Users Using the Largest NFT Marketplace
    Wordpress

    Research Finds Attackers Can Reveal the Identity of Users Using the Largest NFT Marketplace

    websitebuildersnowBy websitebuildersnowMarch 13, 2023No Comments2 Mins Read
    Facebook Twitter LinkedIn Telegram Pinterest Tumblr Reddit WhatsApp Email
    Share
    Facebook Twitter LinkedIn Pinterest Email



    Arguably the world’s most popular marketplace for non-fungible tokens (NFTs), OpenSea had a vulnerability that allowed hackers to de-anonymize users and in some cases even reveal their full identities. rice field.

    That’s according to a new report from a cybersecurity researcher on Imperva’s red team. (opens in new tab)we notified OpenSea and later confirmed that the vulnerability was properly addressed.

    In a blog post detailing their findings, Imperva researchers said OpenSea’s website has a cross-site search vulnerability because it does not restrict cross-origin communication. At the root of the problem was the iFrame-resizer library.

    Exposure of NFT owners

    A researcher explains: Attacker leaks the name of her user-created NFTs by continuously searching the user’s assets, done cross-origin via tabs or popups, thereby revealing her wallet address to the public can do.This information can be associated with your identity (opens in new tab) Using leaked NFTs and public wallet addresses”

    As a result, the victim’s identity may be revealed, researchers conclude.

    To exploit this vulnerability, an attacker could send a link to the victim via email, SMS, or other communication channel. By clicking on the link, the victim reveals valuable information such as her IP address, user her agent, device details, software version, similar advertisements and so on.

    The attacker then exploits a cross-site search vulnerability to extract one of the target’s NFT names. Also, by associating her leaked NFT/public wallet address with the target, the attacker could reveal the identity of the victim.

    After publicizing the vulnerability in the market, OpenSea released a patch “quickly,” the researchers said. They concluded that the vulnerability was resolved by restricting cross-origin communication, thus reducing the risk of further exploitation.



    Source link

    Share this:

    • Tweet
    • Email
    • Pocket
    • Mastodon
    • WhatsApp
    • Telegram
    • Share on Tumblr
    • Print
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email
    Previous Article3-year-old accidentally kills sister after finding parents’ gun
    Next Article Gary Glitter: Paedophile former pop star recalled to prison
    websitebuildersnow
    • Website

    Related Posts

    Google Photos could soon bring its AI editing capabilities to videos

    March 17, 2023

    Windows 11 update coming soon to make your PC more stable

    March 17, 2023

    Sorry, Ryzen 9 7950X doesn’t hit 6.3 GHz

    March 17, 2023
    Add A Comment

    Leave a Reply Cancel reply

    Top Posts

    Subscribe to Updates

    Get the latest sports news from SportsSite about soccer, football and tennis.

    Advertisement
    Demo

    This website provides information about CSS and other things. Keep Supporting Us With the Latest News and we Will Provide the Best Of Our To Makes You Updated All Around The World News. Keep Sporting US.

    Facebook Twitter Instagram Pinterest YouTube
    Top Insights

    The Papers: Passport strike and arrest warrant for Putin

    March 17, 2023

    Should You Wait for Wi-Fi 7 Before Upgrading Your Router? (2023)

    March 17, 2023

    Reddit – Dive into anything

    March 17, 2023
    Get Informed

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    © 2023 bestwebsite-builders. Designed by bestwebsite-builders.
    • Home
    • About us
    • Contact us
    • DMCA
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.