Several BAYC and CryptoPunks collectors who put up their tokens as collateral backing for Ethereum loans have been unable to settle their dues. Crypto analysts believe this could mark the onset of the first major liquidation crisis in the NFT industry. BendDAO Loans and Possible Risks Rumors of a liquidation spiral began earlier this week following a post about NFT lending platform BendDAO. BendDAO is a web3 protocol that allows users to take out loans in Ethereum using their non-fungible…
In a world where NFTs are becoming more and more valuable, NFT theft is a real threat. Criminals and technology are evolving, and users need to move with care in this growing market.
Our guide will provide more details on this dangerous trend and share guidelines on reducing the risk of NFT theft.
Stealing NFTs – Myth or Reality?
When it comes to staling NFTs, exploiting human mistakes is the most typical strategy for a hacker. Without the hacker’s access to your wallet or your consent, it is tough to take your NFTs away.
To have your NFTs stolen, you may click on a dangerous link or tell someone your wallet’s secret phrase. Technically, a hacker would have to get access to your wallet to steal your NFT.
Unless you give someone access to your wallet or you willingly send someone your NFTs, stealing your NFT is a challenge. The truth is that every day, scammers employ various deceitful schemes to access their victims’ wallets.
How Do Criminals Move?
Criminals currently know two ways to steal the NFTs you own. The subsections below will provide more information on the matter.
Knowing Users’ Details
The majority of NFT thefts happen when human mistakes occur. In other words, users may have prevented an NFT theft with a little more care. Clicking on a malicious link or knowingly sending your NFT to a third party are easy to avoid mistakes.
One of the most prevalent NFT frauds is deception. Scammers often mislead users into moving their NFTs or granting access to their wallets without their knowledge. Scammers frequently approach you in your DMs with offers of assistance or deals that are too good to be true.
When a deal is so good that it is hard to believe, you should beware of your actions.
Moreover, fraudsters often set up phony accounts claiming to be well-known influencers or firms in the industry. These criminals appear to offer a solution to any issue you have, while they simply want to collect your data.
Smart Contracts Flaws
Another typical method of stealing NFTs is exploitation. In most cases, exploitation results from a flaw in an NFT platform’s contract. A good hacker may exploit the flaw to steal NFTs and cryptocurrencies.
The “NFTheft” Twitter account famously shared a report on the flaws of NFT smart contracts. Specifically, the mysterious ethical hacker mentioned the “sleep minting” risk as a significant threat to the industry.
Sleep minting makes it possible to create NFTs (or other tokens) without notifying their original owner. A structural flaw in the way developers write smart contracts can sometimes lead to this issue.
A transaction may appear legitimate to a blockchain even if it isn’t in these cases. The Twitter account stood behind this claim, managing to “clone” one of the most popular NFTs on the market.
A second copy of the “Everydays: the First 5000 Days” NFT suddenly appeared online. It took a while before the major NFT marketplaces realized that the NFT was a counterfeit. If you consider that the original NFT sold for $69.3 million at Christie’s, the issue is clear.
NFTheft’s experiment gave a worrying example of how this market needs more cybersecurity and regulation.
Can You Protect Your NFTs?
The best way to avoid having your NFTs stolen is to get familiar with the common strategies of a hacker. Keep in mind that some general guidelines can help you prevent losing your valuable NFTs:
- Do not click on links you do now know or trust.
- Beware of sharing your screen since this is an easy way for scammers to steal your data.
- Consider using a hardware wallet for your NFTs. While these solutions may not be completely safe, they certainly complicate scammers’ lives.
- Storing your wallet’s secret phrase or password on a laptop can be a bad idea. If a hacker gains access to your computer, finding a folder named “Wallet Passwords” can make scamming you easier.
- Obviously, do not share your secret phrase with anyone. Even sharing it with trusted persons can be a mistake since they may inadvertently make one of the abovementioned mistakes.
While the points above are generally obvious to the general public, their application may be problematic. Scammers are getting better at their “job,” and some of these tricks may work even on experienced crypto investors.
Recovering Stolen NFTs
While “prevention is better than cure” is a famous mantra, its application may be more complex than one would think. If someone managed to steal your NFTs, you should know that recovering them will be difficult.
Regulation needs to evolve to bring more protection to NFT investors. While the market waits for specific rules, legal experts claim that the existing legislation protects theft victims.
The whole problem comes down to the issue of tracking a criminal online. The beauty of blockchain technology is that every transaction is easy to follow. However, blockchains rely on pseudonymity, making it almost impossible to find the real identity behind a wallet ID.
Reports online tell us famous stories of people managing to get back their NFTs from hackers. If we had to pick a recent case, we’d mention how a group of developers managed to scam a hacker.
The hacker managed to steal NFTs from the “Unchained NFT” project. A group of experts shared a Twitter thread explaining how they managed to scam this criminal. This story teaches us that, while recovering stolen NFTs is possible, you will need technical skills to succeed.
There are several methods through which someone may steal your NFTs. To that end, you may take measures to minimize the likelihood of this ever happening to you. Our guide provided a quick view of how hackers typically operate and what users can do to protect their wallets.
Investors must move into the market with great care, forcing hackers to make up new strategies. An excellent technical audit must be in place when scammers can exploit a smart contract flaw.
Lastly, the lack of specific regulation favors criminals since authorities may not have adequate tools to track down hackers.