From March. 14, users took to Twitter to alert Nifty Gateway about the stolen NFTs and purchases of thousands of dollars made on their accounts. Following the purchase, the hackers transferred the artworks out of the accounts.
Compromised Accounts Lack 2FA
Nifty Gateway responded to the concerns in a statement on Twitter. It explained that the compromise is from the individual accounts rather than the platform itself.
“We have seen no indication of compromise of the Nifty Gateway platform. The Nifty Gateway team is communicating with a small number of users who appear to have been impacted by an account takeover,” explains Nifty Gateway in a Twitter post.
“Our analysis is ongoing, but our initial assessment indicates that the impact was limited, none of the impacted accounts had 2FA enabled, and access was obtained via valid account credentials.”
As a result, the platform asked users to ensure they have two-factor authentication enabled.
In addition, it warned users about the risks of buying NFT art off-platform. This came from reports that the stolen NFTs were sold in transactions on Discord and Twitter.
“We strongly encourage all Nifty Gateway customers to purchase their NFTs on the official Nifty Gateway marketplace,” Nifty says.
NFT Art Selling for Millions
The record for most expensive NFT sold currently stands at $69 million. This NFT record occurred on Nifty Gateyway’s platform.
As a result, hackers’ interest in these profitable items is unsurprising. The lack of two-factor authentication on the Nifty Gateway accounts gave them easier access to an online treasure trove of NFT art.