NFTs have been one of the most talked about topics recently. They garnered some serious attention as the next breakthrough in crypto. But with everything new, the question about safety and security arises. So, what about non fungible tokens? Are they safe?
Since NFTs are so new, they are not completely safe from hackers. They can be hacked and high-profile reports of hacks already exist. Most notably the EasyFi and Nifty Gateway hacks are two prominent ones. But there are steps you can take to be extra secure as well.
As you might have guessed, that is only half of it. Things are a bit more complicated and also more interesting. So, let’s get into it in more detail.
Can NFTs Be Hacked?
NFTs are the future of art. The full form of NFT stands for non-fungible tokens. It is a blockchain-based art credential. The purpose of it is to give the original owner the right of ownership to a particular piece of art.
If it sounds good, that is because it is. NFT has garnered a lot of attention recently. This is because NFT seemingly allows anybody to either sell and purchase digital goods. And as I said, for artists, this is great news.
But the question is can NFTs be hacked? Well, NFT is not actually that hacker-proof it seems. There are reports that NFTs have been hacked. This is a cause of panic. Let’s talk about some methods that have already been used to hack NFTs.
One recent incident was the EasyFi hack. Their CEO said that the hackers were able to drain 46 million dollars from the company’s stable coin liquidity pools. Not only that. The hackers have also stolen 2.98 million EASY tokens. The worth of these tokens was $75 million, at the time of the hack.
NFTs prided themselves on being very secure. But do not lose hope just yet. All the hacks seemed to have occurred because of bad security measures. In the case of EasyFi for example, the hackers got into the system by hacking the CEO’s computer.
The company has also heard some choice words from social media. Social media has criticized the company for using MetaMask crypto wallets in the first place. The poor security admin key was somewhat the main weak link here.
Nifty Gateway Hack
As catchy as the name sounds, Nifty Gateway still seems to be vulnerable. This is an exclusive digital art platform. It allows you to buy exclusive NFTs, which the company cleverly calls Nifties and be sold on their platform as well.
Michael Miraflor, a freelance marketer, tweeted how someone stole his NFTs and purchased a whopping 10000 worth of his drop. And he did not even know about it. He also urged everyone to check their accounts.
Apart from Michael Miraflor, other reports have been surfacing that their account also got hacked. This is, of course, bad news for NFTs and Nifty Gateway as well. But the problems seem to be that the users did not have the proper security measures. They did not have things like two-factor authentications turned on.
So, non fungible tokens can be unsafe. It is all very new. But the rapid growth has exposed a lot of problems. All of which needs to be addressed and fixed. These scams are very popular through emails.
These platforms are also vulnerable to spoofing as well. They can be done through malicious actors and can be used to steal user credentials. Hackers can impact malware too!
One of the scariest ones is remote access trojans. These are exactly like what they sound like. Hackers can have complete control over the machine they hacked. Which basically can make you subject to the hacker’s will. They can check keystrokes and passwords.
NFTs may get stronger and more secure in the future.
However, this doesn’t mean that NFT’s itself aren’t secure. They are secure, however, the problem is human to human hacking where, Hackers can take the form of a anonymous personnel who can try to reach their prey through emails, offers and “Too Good to be True” Offers and Rewards. That’s exactly what happened with most of the victims out there.
This is the reason why, never share your NFT data with anyone. Especially, if its your Secret Seed Phrase, never share it to anyone.
How Can You Keep Your NFT Safe?
There are things you can do to take some of the security into your own hands. In the most basic form, you can do two things:
- Enable MFA
- Create a strong password
- Keep your Secret Recovery Phase Safe
1. Enabling MFA
MFA is multi-factor authentication. This will give you much more security and also keep the hackers somewhat at bay. Even if they manage to get past the first hurdle, since you have MFA enabled, your NFTs might still be safe.
The proof that MFA is important is that all the accounts that got hacked during the Nifty Gateway scandal, did not have 2FA (two-factor authentication) on. This made it easier for the hackers to gain unauthorized access to the user’s NFTs. So, turn on 2FA or MFA. You will be much safer.
2. Create a Strong Password
If you have MFA on, creating a very strong password in the first place is sort of like step 1. Do not, and I mean do not use a short password like your name or significant other’s name.
Passwords like these are very easy to hack. Computer systems can sometimes brute force them and go through. The basic rule to remember is the longer the password is, the harder it is to crack.
That does not mean you write a whole novel for your password. There are other ways you can make it long but still easy to remember. Try to make unique phrases that will make sense for you. Abstract passwords like these are harder to hack.
Another rule of thumb is to use a mix of characters when creating your password. Use capital letters, small letters, numbers, and symbols in your password.
3. Keep your Recovery Seed Phrase Safe
The only way you’re going to lose your entire Crypto Wallet is when you lose your Secret Recovery Phrase or if someone gets it on their hands. Even if the hacker get’s your password, without the Secret Recovery Phrase, he is limited to what he can do.
The best way to remain safe is to keep your Recovery Seed Phrase written somewhere. And you should only use the Recovery Seed Phrase to recover your account. Even if the Crypto Wallet company itself asks for this Seed, you should not give. This is how valuable the secret recovery phrase is.
This phrase is given to Crypto Wallet users, while they are creating their account for the first time and is only used to recover the account, incase if the user lost his password.
So, the next if anyone, asks you this seed, never give. Not even the Ethereum blockchain or any Crypto Companies.
To wrap up, non-fungible tokens or NFTs might not be that safe as of now. But that does not mean that the users and artists cannot do anything about it. If you take the right preventive measures and be careful, your chances of being safe are much higher.
As time passes and technology matures, we might see more robust security futures for NFTs. But it seems that is not the case today.