All You Need to Know
Don’t worry any longer over how to best protect and secure your NFT assets, read about best practice from our specialists’ hand-picked sources and research.
From low to high-valued NFT assets, read about not only what we recommend, but what others experienced securing their own NFTs.
Are NFTs secure?
NFTs are famously safe to buy, store and trade due to records of ownership and authenticity residing on the blockchain. However, this system relies on the owner adhering to relatively simple security measures. Even if you are new to crypto tech, securing your NFT should be your number one priority and you must do your due diligence to ensure you have put in place all safeguards to keep your property secured.
Since the explosion in popularity of NFTs, we have also seen a rise in NFT art theft, and sadly most of the time these crimes are entirely preventable. Below are some case studies with recent examples of NFT art theft. We will explain what went wrong and how to safeguard your own NFTs later on.
What are people saying?
Case study 1 – Kramer’s Apes
On the 30th of December 2021, 16 NFT pieces from Todd Kramer’s Bored Ape Yacht Club (BAYC) were stolen, totaling approximately $2.2 million in losses. Kramer used a hot wallet (one that is connected to the internet) and made the mistake of clicking on what appeared to be a legitimate website and filling in his details, this website turned out to be a phishing scam.
OpenSea assisted Kramer by freezing the assets so they could no longer be traded, allowing Kramer the time and space to work out who took them and potentially how to recover them.
The lessons here are to:
- Use cold/hard storage! This was the main lesson for Kramer and would have prevented the theft. Even with lower priced artworks, it’s always a good idea to invest in hard storage which are very reasonably priced. (an affiliate link could go here)
- Double check every link and website on which you click, and triple check if you are entering any personal data.
Case study 2 – Dazed and Confused
Last year, about a month before the peak of BAYC, Stazie lost his Apes (again 16 of them) by way of a phishing scam. He clicked on a link in Discord from a user he thought he recognized (very close to a real one), he was directed to a convincing copy a website he was familiar with and. As he’d just woken up, it didn’t register how suspicious it was when a popup appeared and asked him to enter his credentials.
The scammers acted and quickly emptied Stazie’s wallet of both NFTs and Ethereum.
Lessons are the same as above!Collapse
Case study 3 – A Nifty little pilfer
This was an interesting one. Thieves managed to break their way into Nifty Gateway accounts and clear out several user’s NFTs and even max out their credit cards in March 2021. Nifty declared quickly that there was no hack; the thieves used real credentials to compromise the accounts. And indeed, it seems most likely that the thieves managed to access the data (account names and passwords) through the user’s phones.
In situations such as these, there is very little a user can do to get back any of the stolen assets.
This is not that uncommon. This happened again in October, it’s clear that anyone who leaves their accounts unguarded is at the mercy of thieves.
- For goodness's sake, use 2-factor authentication! The users who were hacked had no double layer of security and left themselves completely vulnerable to this attack. Even if a thief manages to get your password, it is extremely difficult to hack 2FA.
- Hard wallets – we cannot stress enough how useful and safe this tool is.
How Can You Avoid This?
Since there are many cases of stolen NFTs, you may want to make them more secure. There are several ways to increase your NFT security:
A crucial step to securing your NFT is choosing the correct wallet. It is not all about the features, like 2FA and multi-signatures, but considering other factors, like where it exists physically.
Experts agree there should be considerable focus on a couple of very important aspects:
The wallet to be non-custodial, which means you are the only person with access, and no company or website (especially centralized ones) should be able to access it.
A hardware wallet with hardware level encryption is the best place to store your NFT assets.
One of the methods to make your NFTs more secure is to use multi-signature authentication. This is like opening your bank account and doing translations – first you enter a password and when you transfer money, you are being asked to enter a PIN code, sent to your mobile phone.
Frequently Asked Questions
Below are few things we find people often asking about securing their NFTs:
What are NFTs?
NFTs are used to describe and verify the ownership of an electronic asset. They can be used as avatars, for trading, or to make collections. NFTs are a trending industry and it is foreseen that they will be part of the future.
What exactly is a hardware wallet?
A hardware wallet is a USB drive and a method of ‘cold storage’, meaning that it is not connected to the internet. It is a completely physical method of storing your NFTs and cryptocurrency by storing your private keys – meaning that as long as you have your hardware, you can completely secure your blockchain assets.
How safe is NFT storage?
Experts are still arguing about whether cloud storage or Interplanetary Filesystem (IPFS) storage solutions are best suited to handle the off-chain data of the NFTs, however we believe that due to the decentralized nature of the IPFS and its features matching blockchain technology’s traits to deliver on the missing piece of the puzzling question where NFT data should live.
We are a team of NFT fans, and we are concerned about the security of the art on the Internet. We created this web site to help you store your NFTs more securely. Contact us if you have any questions or ideas for more security options for NFTs.