Tuesday 15 December 2020 10:49 am

NFTs: A hot trend for hackers

2020 has been another milestone year for new, emerging crypto trends. From the research conducted by our Hacken team, we found that Decentralized Finance (DeFi) undeniably saw the most explosive growth with the total value locked in protocols up 2,000% since January 1, from US$690m to US$14.5bn. 

However, the Non-Fungible Token (NFTs) space has also experienced rapid expansion this year with over five million unique sales to date worth a total of US$145m. It was reported that this summer saw a 57% rise in NFT sales  In addition to this, NFTs are also starting to gain significant mainstream traction with leading global sports associations and gaming companies who are leveraging this new technology to reinvent memorabilia and digital items. 

Currently, collectables like Cryptokitties and CryptoPunks account for over 61% of all NFT sales, while in-game items like F1 Delta Time cars make up for 32%. Interesting side fact: This week, someone purchased an NFT representing 5% of the Monaco F1 Delta Time race track for US$220,000. This is the highest price anyone has ever paid for an in-game NFT and implies the value of the whole track could be worth at least US$4.44m.

With every innovative new market comes with it new opportunities for cybercriminal activity. The DeFi market, in particular, has become a lightning rod for hackers due to easily exploitable protocols and unaudited smart contracts. In the last 12 months, malicious attackers have successfully syphoned over US$100m worth of crypto funds from DeFi projects – according to the latest Ciphertrace report. A vast majority of the crypto ‘stolen’ from these DeFi platforms have been through “flash loan attacks” and unchecked arbitrage loopholes, largely due to DeFi developers having little financial experience to spot these problems beforehand.

With NFTs touted to become a substantially larger market than DeFi, it’s increasingly likely that we’ll see malicious attackers pivot towards NFT wallets and target high ticket items like digital art in the very near future. Morgan Creek Capital Partner and popular crypto influencer, Anthony Pompliano, said in a recent podcast “I personally believe that the digital art market cap will grow to become larger than the physical art market cap”. He even disclosed his plans to heavily invest in this particular area over the coming years. For perspective, physical artwork is a US$60bn market. This alone would elevate the value of the NFT market to the same as Ethereum’s market capital right now. This excludes the additional value of online collectables, virtual land, sports paraphernalia, domain names, and all other types of non-fungible assets. Decentraland, for example, has sold over US$38m worth of virtual land and real estate since launching, while The Sandbox recently secured US$1.5m in a digital land auction.

Storing these tokens safely is of paramount importance and yet very little is still known about NFT wallets and which providers should be trusted. At Hacken, our in-depth investigation into NFT wallet security found that only 4 out of the 9 leading non-custodial NFT wallets passed our screening process, which took into account whether wallet companies underwent regular public security audits, offered bug bounties to encourage white hat hackers, used open-source code, enforced strong password creation, and had any history of previous security breaches.

Among the top-performing wallet providers, MetaMask stood out as the best NFT wallet currently available in the crypto market. Coinbase and VeChainThor’s native wallets also proved to be secure options for NFT holders, however, VeChainThor’s wallet does not support any ETH-based protocols which are by far the most popular. MyEtherWallet and Trust Wallet were among the lowest-scoring providers, mainly due to instances of previous hacks and a complete lack of public security audits. Failing to carry out routine security audits after each code update is a sure-fire way to lose credibility and consumer confidence, as well as create vulnerabilities for hackers to leverage. 


We at Hacken fully expect the NFT market to be one of the more enduring trends that we see in the crypto space and anticipate the market will reach US$1bn in sales by the end of next year. We also believe there will be a notable uptick in NFT theft next year as more unique assets are stored in non-custodial wallets that fail to adhere to basic cybersecurity principles. 

Dyma Budorin, CEO of Hacken Group, in conversation with James Bowater.  Dyma was a top-level executive in Ukraine’s military defence industry. As an ACCA, his other achievements include an eight-year career in Deloitte in accounting, audit and project management.
For further information visit:
https://hacken.io/

LinkedIn: https://www.linkedin.com/in/dyma-budorin-acca-56a98035/

Twitter: https://twitter.com/buda_kyiv

Share