Connect with us


NFT Heists: Are Recent Attacks the First of Many to Come?

NFT heists are hitting the news. Here is how you can protect yourself from daylight robbery where you lose all of your NFTs.

The post <strong>NFT Heists: Are Recent Attacks the First of Many to Come?</strong> appeared first on BeInCrypto.

NFT heists are hitting the news. Here how you can protect yourself, says Indrė Viltrakytė, co-founder of the The Rebels.

Phishing attacks are not new. Sometimes, they are easy to spot. Like when the prompts come with a request to send your banking information to a prince from a far-away foreign land. But sometimes, they are harder to spot. Like when a request to approve the release of your assets comes from a seemingly trustworthy source.

This is what happened recently in an NFT phishing theft case. Users trusted a scheme that involved the Premint platform. The users agreed to a prompt to approve an unknown entity to control their assets. 

On July 17, 2022, a popular NFT platform, Premint NFT, was hacked. 314 NFTs worth $430,000 were stolen. Perpetrators were able to plant malicious code on Premint’s official website. The code instructed users to “set approvals for all” when connecting their digital wallets to the site. This allowed the attackers to access their crypto assets and steal their NFTs. 

The new world of NFTs – digital art collection – may be in line for more phishing attacks. 

NFT heists: What are being stolen?

Typically when we hear the word NFT, we think of a digital image that is unique and connected to the blockchain. It is, however, more elaborate than that. When talking about NFTs, the ownership tracking and uniqueness are always accented. But nowhere in the NFT standard, it is stated what the unique tokens represent. In its essence, the tokens are only unique numbers. It’s the authors of the NFT collection who define what these tokens represent.

Furthermore, images are usually never “uploaded into the crypto wallet.” They are not part of the NFT contract. A hash of the image might be written into the contract to create a connection with the thing that the NFT represents. Also, NFT as a standard doesn’t concern itself about the value or the buying and selling operations of the NFTs. It only supplies standard methods to transfer the NFT ownership. It’s the marketplaces and the community who build on top of that and treat the NFTs as merchandise. 

As merchandise, NFTs are mostly purchased as collectibles, often used for investment purposes. They have developed practical use cases only recently. An example is digital fashion wearables in the Metaverse.

NFT Heists: Are Recent Attacks the First of Many to Come?

What can be done in the future?

Who’s to blame? Is it the user? Or the platform, which allowed an attacker to initiate a fraudulent transaction?

In this particular case, the attackers were able to display content to trick the user into signing the fraudulent transaction. 

A vague, plausible-sounding reason for the transaction in combination with trust in the website was enough to fool many. That said, it is unreasonable to expect that the average Web3 user could skirt it. Most didn’t have a strong enough tech background to notice that the transaction was actually giving someone access to his or her NFTs.

It’s possible to trick users into signing transactions if it’s initiated by a trusted website. The assets in the users’ wallets are only as safe as ALL the decentralized applications (dapps) that the user interacts with put together. Identical cases are likely to happen in the future.

The ways security can be improved:

1. Wallets could display more human-oriented information for known contract interaction types. For example, a huge red message saying, “Hey, you’re giving control for all of your NFTs to someone!” That would be much better than the current all caps “SET APPROVAL FOR ALL” in gray in the MetaMask’s transaction confirmation window.

2. Websites could list and publish the contract interactions that they might initiate. The providers like MetaMask could refuse any non-standard transactions.

NFT heists: How can users protect themselves

– Review the transaction details before signing. This won’t protect the user 100% of the time. But reviewing what method on what contract is crucial.

– Separate NFTs (and other crypto assets) into multiple wallets. If the users are tricked into giving someone control of their assets in one wallet, at least the assets in other wallets are safe. This is as long as you don’t share your private key or the seed phrase.

– Use different wallets for different dapps. It’s not always practical to do so when the dapp is meant to interact with other assets in the wallet. However, it’s important to try keeping only what’s relevant.

About the Author 

Indrė Viltrakytė is the co-founder of the Web3 fashion venture The Rebels. It has 10101 unique characters based on the controversial “Jesus, Maria” ad campaign. The campaign was banned but later found justice in the European Court of Human Rights, which ruled in favor of the brand. The case is now held as a precedent in cases related to freedom of expression in the EU. Indrė Viltrakytė has 10+ years of experience in the fashion industry.  

Got something to say about NFT heists or anything else? Write to us or join the discussion in our Telegram channel. You can also catch us on Tik Tok, Facebook, or Twitter.

The post <strong>NFT Heists: Are Recent Attacks the First of Many to Come?</strong> appeared first on BeInCrypto.

Source: Markets – BeInCrypto

Continue Reading


Is LUNC in for a steep price rise? Best places to buy LUNC now

Few crypto market watchers have missed the viral campaign to get LUNC listed on…

The post Is LUNC in for a steep price rise? Best places to buy LUNC now appeared first on CoinJournal.

Few crypto market watchers have missed the viral campaign to get LUNC listed on Coinbase. Its price reached a peak in the morning of October 2. What direction will it take? 

Look no further than this short article for all the details about LUNC: what it is, is it worth investing in, and the best places to buy LUNC now. 

Top places to buy LUNC now

As LUNC is such a new asset, it's yet to be listed on major exchanges. You can still purchase LUNC using a DEX (decentralised exchange) though, which just means there are a few extra steps. To buy LUNC right now, follow these steps:

1. Buy ETH on a regulated exchange or broker, like eToro ›

We suggest eToro because it's one of the world's leading multi-asset trading platforms, an exchange and wallet all-in-one with some of the lowest fees in the industry. It's also beginner-friendly, and has more payment methods available to users than any other available service.

2. Send your ETH to a compatible wallet like Trust Wallet or MetaMask

You'll need to create your wallet, grab your address, and send your coins there.

3. Connect your wallet to the 1Inch DEX

Head to 1Inch, and 'connect' your wallet to it.

4. You can now swap your ETH for LUNC

Now that you're connected, you'll be able to swap for 100s of coins including LUNC.

What is LUNC?

LUNC is the token of Terra Classic, a blockchain protocol that uses fiat-pegged stablecoins to power price-stable global payments systems. 

The Terra ecosystem collapsed in May this year, leading to a fork, when a new version of Luna was launched. 

The creators implemented the Terra Ecosystem Revival Plan 2, under which two Luna token versions were created. 

Should I buy LUNC today?

Nothing can substitute doing your own research. Any investment decision you make should be based on your market expertise, your attitude to risk, and the features and spread of your portfolio. Also, consider how you would feel about losing money. 

LUNC price prediction

Telegaon predicts that the token will trade between $0.009 and $0.03 a year or two from now. At the time of writing, its price was $0.00032.  

After analyzing LUNC’s historical performance, other market insiders predict that its average price in 2024 will be $0.015.

LUNC on social media

The post Is LUNC in for a steep price rise? Best places to buy LUNC now appeared first on CoinJournal.

Source: CoinJournal: Latest Bitcoin, Ethereum & Crypto News

Continue Reading

Top Posts

We need your support.

Enjoying our free service? Please help us by clicking the ads on our website. They are 100% safe. Thank you!