The NFT industry boomed during the late 2020s and early 2021s. This development has also awakened the interest of hackers, who have exploited system vulnerabilities to steal large sums of money.
Growing NFT theft by hackers
A market that continues to grow, both in ecosystem and in numbers, becomes more attractive to investors, but also to hackers.
Despite the strong bear market phase crypto just went through, the NFT sector continues to evolve and innovate, finding interesting applications straddling the real and digital worlds.
Non-Fungible Token technology, however, is still relatively new and as such, has some flaws. Even the infrastructure of major projects does not enjoy extreme security, although they are not always the affected parties.
Sometimes users’ wallets are hacked or errors present in the platforms’ smart contracts are exploited. In other cases, users find themselves victims of rug pulls, theft by employees or, a widespread practice in the industry, phishing scams.
Usually the latter are accomplished by redirecting to links and/or websites that are copies of the original, through which one is able to gain possession of the private keys of wallets after users have authorized a “malicious” transaction.
According to Comparitech‘s analysis, the first thefts date back to the early 2020s, which then increased at an increasing rate.
Since then, the total value of the hacks turns out to be about $86 million, with a total number of 166 “thefts”.
The year 2022 is experiencing the highest volumes of digital asset thefts, and 31 were recorded in March alone.
The latest entity hit was the Omni company, which suffered a $1.4 million attack last month.
Biggest thefts in the NFT industry
From 2020 to the present, there have been many projects that have attracted some interest among hackers. Among the largest in history, calculated by the amount of dollars stolen at the time of the attack, in first place is Lympo, an NFT platform subsidiary of Animoca Brands, which had 165.2 million units of LMT tokens stolen ($18.7 million).
Right behind is Farmers World, a crypto-based game on the WAX blockchain, which had more than 100 million in yuan stolen as of November 2021, or about $15.7 million.
In third place is probably the world’s best-known NFT collection, Bored Ape Yacht Club. In April 2022, the official Instagram account was hacked and used to entice some unfortunate users to connect their Ethereum wallet. The result was 10 NFTs from the collection stolen, with a total counter value of $13.7 million.
Certainly, these will not be the last, but there is a clear need to raise more awareness in the community so as to prevent these kinds of attacks as much as possible. In addition, as blockchain technology becomes more innovative, smart contracts, and consequently decentralized platforms, will become more secure, and hackers will find it increasingly difficult to “crack the system”.