- Blockchain security firms contribute the best tips on protecting NFTs
- After last year’s spree of stolen NFTs, Web3 firms are looking to make stronger foundations for their customers this year
- Risk levels continue to rise as digital assets gain more attention from attackers
2022 was not a pleasant year for the non-fungible token (NFT) industry. With multiple hacks such as the Nomad bridge, Axie Infinity Ronin wallets, and BAYC scams totaling more than a billion dollars in stolen digital goods, blockchain security companies share their advice on combat NFT theft.
CertiK CEO Ronghui Gu, NotCommon CEO Michael Pierce, Chainalysis strategist Mohamed Issa, and BNB Chain growth operations director Alvin Kan gave out the most effective ways to stop NFT thievery.
These solutions allow both customers and developers to make situations worse using logical methods and, at times, tools. The advisors also elaborated on what to do after the theft occurred.
Before an Attack
Gu said the most important way to prevent it is due diligence, such as not clicking on suspicious links and double-checking before signing token approvals. He also told other strategies like checking and canceling unnecessary permissions and sorting NFTs in multiple wallets based on their purpose.
For the long-term investors, he said, “Long-term holds should be kept in a secure wallet that interacts minimally, if at all, with applications.”
Most importantly, he said, “Raising awareness of common scams is an ongoing effort,” when asked how people can be more aware of real-time fraud.
As for NotCommon CEO Pierce, he said that hardware wallets are the most helpful solution regarding the safety of the NFT, although the risks still stand. He said people need to buy the cold wallet “directly from the manufacturer” to lessen the chances of getting tampered hardware.
BNB Chain director Kan recommended that a tool like revoke.cash can help an NFT holder predict a hack before the attacker can do it. It is a tool that can verify wallet status and withdraw signatures. It also comes with browser extension warnings before a contract signing happens.
After an Attack
If in case the NFT has been taken, Gu said that the victim does not have a lot to do to recover it. Alternatively, an NFT marketplace can blacklist a specific collection of NFTs, so no other trades happen.
When a scam happened, Pierce recommended that the victim contact a database such as NotCommon to track the scammer and keep the other customers safe. Legal action is possible if the stolen goods involve a large sum of money.
Senior strategist Issa said in a report that NFTs have become one of the fastest-growing assets in the crypto space. Naturally, hackers will go after it before anything else in the Web3 area.
He urges that if a person becomes a victim of an NFT theft, they must be proactive. However, more than merely reports are needed. Issa recommended that an NFT holder install Storyline: an investment protector installed with analysis software from Chainalysis.
It tracks where the NFT started down to the transfer from outside the wallet and reads the movement in real time beyond the marketplace.
Kan advised reaching out to the marketplace if the hacker passes through and steals the NFT. As a contingency plan, burning the token is possible.
The tips from these individuals may sound familiar, but many holders are still unaware of the dangers. Especially since NFTs are still new to the market, it may take some time before a complete defensive system can stop the best of malicious attackers.
