[제미니 홈페이지 캡처]
The Verge reported on March 15 that a user account on the NFT exchange’s Nifty Gateway was hacked over the weekend, resulting in the theft of at least tens of thousands of dollars in NFT collections. Nifty Gateway is the largest NFT collection exchange, acquired by the Winkleboss brothers who run the Gemini Exchange. According to reports, hackers also purchased new NFT collections with their registered credit cards and transferred them to other accounts.
Michael J. Miraflor on March 14 Own twitter“Someone stole my NFT from the Nifty Gateway, and without my knowledge, I bought 10,000 worth of other NFT collections and transferred them to someone else’s account,” he wrote.
“There is no indication that our platform has been attacked, and we are communicating with a small number of users who appear to have been attacked,” said Nifty Gateway. Another media bitpush reported that hackers may have targeted users directly through mobile phones instead of attacking accounts through the Nifty Gateway platform.
# Where did the stolen NFT go?
“I got a warning from Nifty Gateway about the sale of goods,” Mirrorpler insisted. He also explained that he received several warnings from credit card companies. He added, “Because all transactions, including transfers, are recorded, we are aware of the two specific accounts and buyer information that the stolen NFT was sent to.” Reportedly, one account has hundreds of NFTs, and another account is known to be stolen and sold off the secondary market immediately.
“The NFT has confirmed the theft, and it knows how the stolen NFTs were sold,” said Mirrorpler. “The hacker found a buyer at Discord.”
Meanwhile, another Twitter user revealed that his NFT had been stolen by the same trick last weekend. “Someone hacked my Nifty Gateway account tonight and used my credit card to buy $20,000 worth of art,” he wrote.
Nifty Gateway issued a statement that it was analyzing the case. “According to initial investigations, the impact of this incident is limited. All unrelated accounts have two-factor authentication (2FA) enabled and can be accessed through valid account credentials,” he said. “We have confirmed that the NFTs stolen by hackers were negotiated through Discord or Twitter. We strongly recommend that all Nifty Gateway customers purchase NFTs from the official Nifty Gateway exchange,” he said. Currently, the Nifty Gateway does not mandate the use of 2FA. Nifty Gateway explained that users should follow security precautions, such as enabling 2FA and not reusing passwords.
Cybercriminals are now turning their attention to the NFT field. The NFT market has been booming in recent months. Last week, digital artist Beeple’s work’Everydays: The First 5000 Days’ was sold at Christie’s auction for $69 million. Artists such as Aphex Twin, Grimes and Rob Gronkowski have launched their own NFTs.
