Losses from NFT crimes up 667% in 2022 compared to whole of 2021: Report

Non-fungible token (NFT) hacks have led to losses of almost $52 million in the first four months of 2022 alone compared with less than $7 million over the whole of 2021, according to report by Top10VPN, a global digital privacy and research group.

After only a single hack in the first half of 2021, which was reportedly due to individual users failing to enable multi-factor authentication rather than security issues on the Nifty Gateway platform, there have been almost 40 more incidents since then.

Sports NFT platform Lympo suffered the worst loss, when it experienced a hot wallet security breach and lost tokens worth $18.7 million in January 2022.

Bored Ape Yacht Club, one of the most well-known NFT projects, was hacked in April 2022 when its official Instagram account was compromised and used to send a phishing message. The stolen NFTs as a result of this were reportedly worth $3 million.

While the concept of NFTs dates back to 2014, the market for such digital collectibles has exploded in popularity in a very short time, attracting financial speculators flush with cryptocurrency. Platforms such as OpenSea and Binance have sprung up to facilitate the lucrative trade in NFTs.

“With individual NFTs often changing hands for a million dollars or more, and sometimes much more than that, it’s inevitable that the NFT ecosystem would become a target for hackers. We found that while hacks on NFT platforms may have started small in early 2021, targeting individual users for a few tens of thousands of dollars, less than a year later, cybercriminals are now regularly making off with millions of dollars worth of cryptocurrency,” Top10VPN said.

The report further said that cryptocurrency itself, another highly lucrative blockchain-based tech, is at the heart of another big cybersecurity trend in 2022.

Cryptojacking is the unauthorized use of victims’ devices to mine for cryptocurrency, typically after infection with malware.

The research found cryptojacking to be the fastest growing form of malware in 2022, due to a cryptocurrency market whose total value was over $2 trillion at the time of writing.

The average number of cryptojacking incidents in 2022 stood at 15.02 million per month compared to 8.09 million per month over 2021, an increase of 86%.

The analysis, which draws on threat intelligence data captured by firewall vendor SonicWall, shows that the growth of cryptojacking far outstripped the general trend for malware, which is so far up 16% in 2022.