Understanding The Hype Behind NFTs And Risk Of Fraud
Non-fungible tokens (NFTs) have been a hot topic in recent years, with some people touting them as the future of digital ownership and others warning of the potential for fraud. In this article, we explore the allure and potential benefits of NFTs, as well as the risks and challenges associated with their use.
What is an NFT?
An NFT is a unique digital asset that is stored on a blockchain. A blockchain is a decentralized database that is secure and transparent. This means that anyone can view the blockchain, but it is very difficult to change or hack. This means that the ownership of an NFT can be easily verified, which can also add to its value.
In 2021, a digital collage by Beeple sold for US $69 million. This makes it the most expensive NFT ever sold.
NFTs can represent anything from digital art to music to in-game items. When you purchase an NFT, you are purchasing the ownership of that asset on the blockchain. This means that you are the only person who can own that particular asset.
To acquire an NFT, investors receive them directly from authors or visit digital platforms where people can buy, sell and trade NFTs. Those platforms act as marketplaces for NFT traders. One of the popular NFT marketplaces is OpenSea.
The Hype Surrounding NFTs
The prevailing popularity of NFTs can be attributed to several key factors that have contributed to their appeal, including the profit potential. Some people believe that NFTs are a new asset class that has the potential to generate significant profits. This belief has been fueled by the high prices that some NFTs have sold for, such as the example we displayed earlier.
Others took an interest in the ability to own digital assets in a unique way that was not possible before. This has appealed to many people who are interested in collecting digital art, music and other items.
Potential for Profit and Investment
With their intrinsic scarcity and ownership rights, NFTs offer various avenues for profit and investment to enthusiastic investors. From buying and selling to several unique to capitalize on market volatility, to several other opportunities. Investors are across a plethora of brimming opportunities yet to be fully discovered.
Key current practices for profit and investment in the NFT space include:
Buying and Selling NFTs: Investors engage in the dynamic NFT marketplace by purchasing unique digital assets and strategically selling them for potential profit. As the value of certain NFTs fluctuates, investors can quickly capitalize on market trends and demand to seize opportunities and maximize their profits.
Minting NFTs: Artists, musicians, and content creators can tokenize their work, establishing digital ownership rights and the opportunity to earn revenue through initial or secondary market sales.
Staking NFTs: Investors trade lock their tokens to support specific projects or platforms. In return, they may receive rewards, such as additional tokens or access to exclusive features, providing a potential avenue for both financial returns and active participation in the NFT ecosystem.
Beyond the allure of profit, however, there is another factor that offers holders more tangible benefits.
Potential for Utility
NFTs can go beyond being collectibles; they can represent various real-world assets such as concert tickets, in-game items, and even real estate. With their ability to provide verifiable ownership, NFTs can grant their owners practical functionality in addition to their monetary value.
NFTs in Action
An example of this is membership to the Bored Ape Yacht Club (BAYC): BAYC holders have access to a members-only Discord server where they can interact with other BAYC holders, Yuga Labs staff, and other notable figures in the NFT community, in addition to other member exclusive benefits:
-
- Access to exclusive BAYC merchandise: BAYC holders can purchase exclusive merchandise, such as t-shirts, hoodies, and hats, from the BAYC website.
-
- Discounts on future Yuga Labs projects: BAYC holders will receive discounts on future Yuga Labs projects, such as games and metaverse experiences.
-
- Airdrops of new NFTs: BAYC holders may be eligible to receive airdrops of new NFTs from Yuga Labs.
-
- Voting rights: BAYC holders will have voting rights on future decisions that impact the BAYC community.
Another application of NFT utility is Gods Unchained, a free-to-play trading card game that uses NFTs to represent cards. Players can earn cards by playing the game, and they can also buy and sell cards on the secondary market.
Gods Unchained is one of the most popular blockchain games. Yesterday, June 22, 2023, The game was listed in Epic Games store, the digital distribution platform for video games with one of the highest player bases.
Some Gods Unchained NFT sold for tens of thousands of dollars.
Rank | Card | Sale Date | Price (ETH) | Price (USD) |
1 | Citadel of the Gods | December 8, 2022 | 43.26 | $76,000 |
2 | Hyperion | February 11, 2019 | 137.8 | $62,000 |
3 | Atlas | December 11, 2019 | 210 | $31,000 |
Similarly, one of the most popular metaverse projects is The Sandbox. It is a virtual world that allows players to build, own, and monetize their own experiences. The Sandbox uses NFTs to represent land, assets, and experiences.
Stellar Influence
Celebrities and media taking part of the conversation has had a visible positive impact on NFT appeal. In Jan 2022, Justin Bieber paid US $1.3 million for a Bored Ape Yacht Club NFT.
According to data from CryptoSlam, the Bored Ape Yacht Club NFT collection saw a 200% increase in trading volume in the 24 hours following Justin Bieber’s purchase. The average price of a Bored Ape Yacht Club NFT also increased by 50% in the same period.
Popular NFTs
-
- Bored Ape Yacht Club: This collection of 10,000 unique Bored Ape NFTs has become one of the most popular and valuable NFT collections. Each ape is unique and has different attributes, such as clothing, accessories, and facial expressions.
OpenSea: Examples for Bored Ape NFTs
- Bored Ape Yacht Club: This collection of 10,000 unique Bored Ape NFTs has become one of the most popular and valuable NFT collections. Each ape is unique and has different attributes, such as clothing, accessories, and facial expressions.
OpenSea: Examples for CryptoPunk NFTs
-
- Azuki: Azuki is a new NFT collection that has quickly become popular. It features 10,000 unique anime-inspired characters. Azuki holders get access to a members-only Discord server, exclusive merchandise, and other benefits.
OpenSea: Examples for Azuki NFTs
-
- Mutant Ape Yacht Club: Mutant Ape Yacht Club is a collection of 20,000 NFTs that were created by mutating Bored Ape Yacht Club NFTs. The Mutant Apes are just as rare and valuable as the Bored Apes.
OpenSea: Examples of Mutant Ape NFTs
-
- CryptoKitty: Canadian studio Dapper Labs created CryptoKitty, a collectible cat NFT, in 2017. It was one of the first NFTs to gain popularity, and it helped to launch the NFT craze.
- CryptoKitty: Canadian studio Dapper Labs created CryptoKitty, a collectible cat NFT, in 2017. It was one of the first NFTs to gain popularity, and it helped to launch the NFT craze.
OpenSea: Examples for CryptoKitties NFT
These are just a few of the many popular NFTs that are available. The NFT market is constantly changing.
Fraud
NFTs have not escaped the attention of criminals and fraudsters, posing significant risks and concerns for both individuals and investigators. While NFTs offer a secure and transparent ownership tracking system, they also present opportunities for illicit activities.
The pseudonymous nature of blockchain transactions further compounds the challenges of identifying and apprehending those involved in NFT-related crimes. Fraudsters can leverage the decentralized platforms to launder money through NFT purchases and sale while making it difficult for investigators without the right knowledge and tools to discover their identity.
Phishing Scams
On April 25, 2022, the official Instagram account and Discord server of the BAYC were hacked. The hackers posted a fraudulent link to a copycat of the BAYC website, which led users who clicked on it to a fake airdrop. When users connected their MetaMask wallets to the fake airdrop, the hackers were able to steal their NFTs.
The hackers stole a total of 91 NFTs, including 4 BAYCs, 3 BAKCs, 1 CloneX, and 78 Mutant Apes. The total value of the stolen NFTs was estimated to be between US $2.8 million based on the collection’s floor price. The NFTs that were sold (not all were sold, only the valuable ones) by the hacker generated approximately 761.82 ETH or US $2.3 million.
Yuga Labs, the company that owns BAYC, quickly took action to address the hack. They disabled the compromised Instagram account and Discord server, and they worked with MetaMask to disable the fraudulent airdrop. They also reimbursed the victims of the hack for the stolen NFTs.
This morning, the official BAYC Instagram account was hacked. The hacker posted a fraudulent link to a copycat of the BAYC website with a fake Airdrop, where users were prompted to sign a ‘safeTransferFrom’ transaction. This transferred their assets to the scammer's wallet.
— Bored Ape Yacht Club (@BoredApeYC) April 25, 2022
This is not the only incident or project to get compromised by hackers or scammers.
In October 2022, our team in Blockchain Intelligence Group traced the theft of 7 BAYC NFTs worth approximately 540 ETH (US $720,000) from one victim using QLUETM, the leading blockchain investigative tool developed by our team at Blockchain Intelligence Group.
QLUETM graph analysis of 7 BAYC NFTs phishing scam
The proceeds from the scam were consolidated and later exchanged through non-custodial exchange FixedFloat. A non-custodial exchange allows users to exchange one cryptocurrency for another without having to create an account or provide any personal information.
To use services like FixedFloat, you simply enter the two cryptocurrencies you want to exchange, the amount of each cryptocurrency you want to exchange and your wallet addresses. FixedFloat will then calculate the exchange rate and initiate the transaction. The transaction will be completed instantly, and the exchanged cryptocurrencies will be sent to your wallets.
Exploits
NFT hacks and exploits are a growing concern in the digital asset space. NFTs are stored on smart contracts, which are pieces of code that run on the blockchain. If there is a vulnerability in the smart contract, attackers can exploit it to steal the NFTs or the funds that are used to buy them.
On July 10, 2022, Omni, an NFT money lending platform, fell victim to an exploit in which hackers managed to steal more than 1,300 ETH, worth approximately US $1.4 million at the time. They accomplished this by exploiting a reentrancy vulnerability found in the smart contracts of the Omni Protocol.
A reentrancy vulnerability is a type of vulnerability that allows an attacker to call a function in a smart contract multiple times, even after the first call has already returned. This can be exploited to drain funds from the smart contract.
The hacker deposited Doodles NFTs as collateral on an Omni pool. They then used the reentrancy vulnerability to call the withdraw function in the Omni pool multiple times, even after the first call had already returned. This allowed the hacker to withdraw more ETH than they had deposited, and the Omni Protocol smart contracts were unable to prevent this.
To better understand the intricacies of this exploit, we used QLUETM to create a graph that visually represents the transactions and interactions within the Omni Protocol. The graph provides a comprehensive overview of how the exploit unfolded.
QLUETM graph: The flow of funds stolen from Omni smart contracts and involvement of the exploiter with the Nomad bridge hack.
By visualizing the exploit, we discovered that the exploiter created five smart contracts to drain funds from the Omni Protocol and direct them to two different addresses. The stolen funds were subsequently split and deposited into TornadoCash and another address, where they have remained unspent to this day.
This is where the strength of QLUETM comes into play. By flagging the addresses involved with the exploit and conducting further investigations over time, we uncovered that the same exploiters have been involved with another hack that occurred the following month, in August 2022, and resulted in the loss of approximately US $200 million from the Nomad cryptocurrency bridge.
Rug Pulls
To truly delve into the world of NFT fraud, we must navigate the treacherous landscape of NFT rug pulls. Our team estimates that the NFT enthusiasts lost more than US $40 million to 10 NFT rug pull scams alone in 2022.
A rug pull is a type of investment fraud in which the developers of a project abandon it and abruptly disappear with the investors’ hard-earned money.
Frosties, initially celebrated as a rising star in the NFT world at the start of 2022, swiftly transformed into one of the most notorious scams of the year. The incident left unsuspecting investors devastated, their trust shattered, and their financial losses substantial.
Frosties was a collection of 8,888 ice cream-themed NFTs that was launched in January 2022. The project promised investors a variety of perks, including giveaways, early access to a metaverse game, and exclusive mint passes to upcoming Frosties seasons. However, just hours after the project was launched, the developers rug pulled the project, taking off with approximately US $1.3 million in ETH.
Suspicion began to rise in the project when the developers took down the social media presence associated with the Frosties project and started cutting off communication channels with the victims. The project’s Twitter and other pages were removed, and the wallet address where users sent their purchase money was stripped from the project’s landing page on OpenSea.
Our team at Blockchain Intelligence Group quickly sprung into action, reporting the Frosties rug pull incident to law enforcement and leveraging QLUETM to assist with the investigation and conduct a comprehensive blockchain analysis. Thanks to our collaboration, the first federal arrests related to an NFT rug pull scam were made, thwarting further fraud and safeguarding potential victims.
“When our team identified suspicious behavior occurring over social media channels relating to what appeared to be an apparent rug pull involving the Frosties NFT, we not only notified law enforcement, but we put our investigative tool, QLUETM, into their hands without hesitation,” said Lance Morginn CEO and Co-Founder of Blockchain Intelligence Group
QLUETM graph: the deposit of Frosties NFT rug pull proceeds in Tornado Cash prior to sanctioning by OFAC and later into major exchanges.
QLUETM enabled us to swiftly trace the proceeds from the main Frosties NFT contract to scammer addresses which later deposited a big portion of the stolen funds in Tornado Cash. We successfully identified and flagged all the addresses involved and the exchanges scammers interacted with. US authorities later identified and arrested the perpetrators.
Blockchain Intelligence Group received the 2022 Homeland Security Investigations (HSI) Private Sector Partnership Award at the 6th Annual HSI New York Awards ceremony in recognition of the successful effort.
Final Remarks
The NFT space has been proliferating in recent years. The NFT market is projected to reach US $80 billion by 2025 due to the rising popularity of digital art and blockchain technology.
It has also been met with some concerns and criticisms. For instance, NFTs are accused of being bad for the environment due to the vast amount of energy required to produce them, unlike their traditional counterparts.
Moreover, the enchanting realm of NFTs has yet to escape the attention of bad actors and fraudsters. Although NFTs bring unrivaled innovations to the digital asset space, they also open doors to illegal activities.
Recognizing the rising significance of NFT-related crime and fraud, law enforcement agencies and investigators ought to adapt their strategies. This means acquiring a solid understanding of NFTs and employing the right tools to effectively address the challenges we mentioned.
Learn more about QLUETM as the must-have tool for solving complex NFT crime cases swiftly and easily.
Written By: Omar Marzouk
Writer, Content marketing at Blockchain Intelligence Group