- Over $100 million were repeatedly stolen in NFTs in 2021.
- The bulk of NFT scams include Otherside, Bored Apes, CloneX, Mutant Apes and Azuki.
- These five projects together constitute about two-thirds of the stolen NFT value.
Elliptic, a blockchain analysis company has found that about $100 million have been stolen in NFTs during the last year. The report, NFTs and Financial Crime, was released on Wednesday and mentions criminal crypto activity that happened between July 2021 to July 2022.
🚨Over $100 million worth of NFTs were publicly reported as stolen through scams between July 2021 and July 2022, netting perpetrators $300,000 per scam on average.— elliptic (@elliptic) August 24, 2022
Head to https://t.co/u6iPLjXgpR to read our NFTs and Financial Crime Report.#nft #crypto #aml
Besides the stolen NFTs, about $8 million in illegal funds have also been laundered through NFTs since 2017.
According to Elliptic, an average of $300,000 per scam has been netted by cybercriminals. $24 million in NFTs were stolen via scams this May. Coming to July, the month recorded the highest activity with NFTs stolen at 4,600.
This year, 23% of stolen NFTs happened through social channels such as Discord by sending phishing messages to users. Phishing emails and malicious websites are the other pathways of attack.
CryptoPunk #4324 is the most valuable NFT to be stolen ever and netted $490,000 to the thieves in November 2021. As far as the most significant theft is concerned, it happened in December 2021 and caused a loss of 16 blue chip NFTs that were worth $2.1 million.
It comes as no surprise that BAYC is the most preferred NFT project by cybercriminals. Bored Apes theft counts for stolen NFTs worth $43.6 million. In June, Seth Green paid $260,000 ransom for a stolen Bored Ape NFT.
Axie Infinity‘s Ronin Ethereum sidechain bridge attack in March 2022 by Lazarus Group has also been cited in the report. Furthermore, it mentions the Tornando Cash mixing service and states that digital assets of value beyond $160,000 that originated from sanctioned entities were utilized to buy NFTs.
Cybercriminals have become sophisticated and bypass verification protocols. Bad actors made off with 9136 SOL in January even after verification.
Last but not the least, counterfeit NFTs are a serious concern as well. OpenSea reported about 80% of NFTs being minted through its tool were fake collections, plagiarized works and spam in January.