Some users of the non-fungible token (NFT) marketplace, Nifty Gateway, reported account hacks over the weekend. Hackers stole and purchased NFT art using the linked credit card credentials.
From March. 14, users took to Twitter to alert Nifty Gateway about the stolen NFTs and purchases of thousands of dollars made on their accounts. Following the purchase, the hackers transferred the artworks out of the accounts.
One user tweeted that their account and credit card were used to buy around $20,000 worth of NFT art. The same user later claimed that over $150,000 worth of art was stolen during the hack.
Compromised Accounts Lack 2FA
Nifty Gateway responded to the concerns in a statement on Twitter. It explained that the compromise is from the individual accounts rather than the platform itself.
“We have seen no indication of compromise of the Nifty Gateway platform. The Nifty Gateway team is communicating with a small number of users who appear to have been impacted by an account takeover,” explains Nifty Gateway in a Twitter post.
“Our analysis is ongoing, but our initial assessment indicates that the impact was limited, none of the impacted accounts had 2FA enabled, and access was obtained via valid account credentials.”
As a result, the platform asked users to ensure they have two-factor authentication enabled.
In addition, it warned users about the risks of buying NFT art off-platform. This came from reports that the stolen NFTs were sold in transactions on Discord and Twitter.
“We strongly encourage all Nifty Gateway customers to purchase their NFTs on the official Nifty Gateway marketplace,” Nifty says.
NFT Art Selling for Millions
Expensive NFT sales have grabbed headlines and attention over the last two months. Sales by big tech names such as Elon Musk and Jack Dorsey have been attracting bids into the millions.
The record for most expensive NFT sold currently stands at $69 million. This NFT record occurred on Nifty Gateyway’s platform.
As a result, hackers’ interest in these profitable items is unsurprising. The lack of two-factor authentication on the Nifty Gateway accounts gave them easier access to an online treasure trove of NFT art.
Trusted
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
