Skip to content

Scammers Stole More Than $100M Worth of NFTs in Last Year

Thieves stole non-fungible tokens (NFTs) worth over $100 million between July 2021 and July 2022, according to a report by blockchain research firm Elliptic. 

The report covering financial crimes and NFTs found that with just under $24 million, May 2022 saw the highest confirmed value of NFTs lost through fraud.

Attacks on NFTs from social media

The research said social media compromises, especially in Discord servers, have surged in 2022, accounting for 23% of all NFTs, or close to 5,000, worth around $20 million.

“The growing availability of tailored malware that can bypass multifactor authentication is likely to be partially responsible,” researchers said.

The report also notes that since thefts are not always made public, the actual numbers are likely to be higher.  

NFT trading spiked sharply in the summer of 2021, with daily average sales of over $50 million and annual NFT sales of over $17.7 billion (an increase of over 200% from 2020). 

Experts also see a growing use case for NFTs as the gaming and metaverse markets develop. 

State-sponsored exploits and sanctioned mixers

“As with traditional scams, once a community of threat actors, or Scam-as-a-Service operators, understand the basic mechanisms from deception to execution, the community of illicit actors can scale that activity by reusing and iterating on services or practice,” Blockchain intelligence company TRM Labs said earlier this month.

Meanwhile, state-sponsored exploits and authorized entities are seen as a growing threat to NFT-based services. Examples include the $540 million theft from Axie Infinity’s Ronin Bridge by North Korea’s Lazarus Group and the possession of NFTs by the U.S.-approved Chatex crypto assets exchange.

Be[In]Crypto previously highlighted that North Korean hackers are posing as job applicants for crypto jobs in wealthy countries to fund government operations. In addition, fund flows in the $620 million attack on the Ronin sidechain of Axie Infinity were also linked to authorized crypto mixers.

The report also found that before being blacklisted by the Office of Foreign Assets
Read Full Article…