Hackers are increasingly targeting the front-end websites of NFT protocols in a bid to steal users’ funds.
In this attack, the hacker compromises the website or domain name to redirect unwitting users or their transactions to a malicious destination. If the user signs the transaction on the attacker’s website thinking it genuine website, in this case, the attacker can steal all of the user's assets from the wallet.
In January 2022, Opensea NFT Marketplace was has suffered a front-end attack with the exploiter withdrawing 332 ETH.
https://forkast.news/headlines/opensea-nft-marketplace-hacked-332-eth/