According to a report by blockchain analytics firm Elliptic, criminals stole over $100 million worth of NFTs between July 2021 and July 2022.
In May 2022, the total value stolen by NFT scams reached a new record value of almost $ 24 million.
NFT Scams: Social Media is a Coveted Target
Elliptic’s research found that the number of NFT scams on social media, especially on Discord servers, skyrocketed in 2022. 23% of all NFTs stolen in the last 12 months (around 5000 NFTs) were stolen via social media platforms. The total value of these NFTs is about $ 20 million.
“The growing availability of custom malware that can bypass multifactor authentication is probably partly responsible for this”, according to the analysts.
According to the report, the actual figures are probably higher, as some NFT thefts are not always publicly known.
The NFT trading volume increased by leaps and bounds in the summer of 2021. The average daily turnover was over $ 50 million in 2021 and the annual NFT turnover was over $ 17.7 billion (an increase of over 200% compared to 2020).
Experts also predict an ever wider scope for NFTs as the gaming and metaver market continues to evolve.
Crypto Mixers and Money Laundering with NFTs
Blockchain intelligence company TRM investigated the NFT thefts associated with Discord. Analysts of the company wrote about this:
“It’s like classic scams. Once a community of criminal actors or scam-as-a-service operators understand the basic mechanisms from deception to execution, can scale them by reusing and repeating these procedures.”
State-sponsored malware and state-authorized entities are now seen as a growing threat to NFT-based services. An example of this is the Theft of $540 million from the Ronin Bridge Axie Infinities. The North Korean Lazarus Group was responsible for this and used NFTs, the US-approved crypto exchange Chatex, for this.
We have already reported that North Korean hackers are posing as applicants for crypto jobs in wealthy countries. With these jobs, the criminals want to finance government business. Furthermore, the hackers of the 620 million hacks of the Ronin sidechain of Axie Infinity used permission-free crypto mixers. With this, the participants washed the stolen funds.
In addition, $137.6 million worth of crypto assets were laundered from NFT marketplaces through the Tornado Cash crypto mixer. The crypto tumbler, which has since been banned by the Office of Foreign Assets Control (OFAC), has been the most popular service to date for the concealment of money transactions associated with NFT scams. 52% of all funds associated with NFT thefts flowed through Tornado Cash.
The ban on Tornado Cash made headlines in the crypto space. Vitalik Buterin defended the Ethereum-based crypto mixer. Other members of the crypto community also spoke out against the ban on crypto mixers.