OpenSea to return $1,8 million to users who lost NFT due to an exploit
Fixing the “inactive listing” issue is a top priority for the company
29.01.2022 - 09:15
485
1 min
0
What’s new? The OpenSea NFT marketplace reimbursed 750 ETH (about $1,8 million) to users affected by the platform’s bug. An “inactive listing” exploit allowed tokens to be bought at old, underpriced prices. One of the unscrupulous users made 340 ETH from this, Fortune reports.
How does the exploit work? Previously, the OpenSea users could not select an expiry date of the auction, so their NFTs had to be manually removed from the auction. These actions required a gas fee, but the users found a loophole. If they transferred a token from one of their wallets to another, the listing disappeared in the user interface.
But in reality, the lot simply went from “active” to “inactive.” And such lots can still be bought through direct interaction with smart contracts. So the experienced users could buy NFTs at the old low prices.
What did OpenSea do? The company advised users to check and cancel their “inactive” listings immediately. The users were unhappy, as the commission for withdrawing the lot was as high as 15 ETH.
OpenSea refunded the affected users the money they had spent on gas or lost because of the exploit. OpenSea co-founder Alex Atallah stated:
“Fixing this issue is our company’s top priority. We have a team working on it and putting up a countermeasure now.”
Useful material?
Telegram 
Twitter Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Incidents
According to Blockaid, the attack may have been carried out by the same hacker behind the 1inch Fusion V1 exploit.
May 7, 2026
Incidents
The attacker gained administrative access and altered contracts to drain user funds
Apr 30, 2026
Cryptocurrency rates
-
Bitcoin
$63 304
BTC
-3.2%
-
Ethereum
$2 551.16
ETH
+3.56%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.17
XRP
-2.41%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.08876
DOGE
-3.25%
-
Zcash
$522.94
ZEC
-12.82%
-
Stellar XLM
$0.208286
XLM
-2.87%
-
Cardano
$0.18507
ADA
-9.05%
-
Polkadot
$3.32
DOT
+5.27%