More than $100 million in NFTs have been stolen this year – ARTnews.com
More than $100 million of non-fungible tokens were stolen in a series of scams between January and July this year, according to a new report from blockchain analytics firm Elliptic. The thieves got away with an average of $300,000 per scam.
“The most valuable NFT ever stolen is CryptoPunk #4324, which was sold by fraudsters shortly after the theft on November 13, 2021 for $490,000,” reports Elliptic. “Meanwhile, the largest single heist by an individual victim resulted in the loss of 16 blue-chip NFTs worth $2.1 million on December 28, 2021,” the report said.
Elliptic collected data on NFT fraud through open source research across major social media. All thefts included in the report were (a) reported stolen on social media, (b) showed a clear pattern of theft based on Ethereum transactions, and (c) occurred between July 2021 and July 2022.
related articles
The report outlines the various scams that dupe crypto art collectors. Phishing scams, where users accidentally share their cryptocurrency wallet credentials, are the most common. Scammers can achieve this by squatting domains on similar website names or hacking the owner’s social media accounts. In one of the most high-profile cases, $3 million worth of NFTs were stolen from Yuga Labs’ Bored Ape Yacht Club following an Instagram hack.
“Fraudsters have also been known to pay to advertise their sites on search engines,” the Elliptic report states, “meaning unwitting individuals searching for the impersonated NFT platform will see a series of phishing links at the top of search results. ยป
In more elaborate scams, a “Trojan horse” NFT will lure the potential buyer with a “smart contract” or token that will drain their account after being accepted. Elsewhere, a counterfeit NFT that has the same name and image as the unique digital asset can trick someone into a “like-for-like” exchange, where the fraudster receives a valuable NFT but leaves behind a worthless counterfeit.
Elliptic notes that 52% of the NFT fraudsters it tracked used the Tornado Cash service to launder their loot. The service, which was included on a US sanctions list this month, “was the source of $137.6 million of crypto assets processed by NFT marketplaces,” the report notes, adding: “The prolific use of threat actors engaging with NFTs , further underlines the need for effective screening of sanctions from NFT platforms.”
