NFT Boom, How to Protect Your NFT Assets
What is NFT?
NFT stands for Non-Fungible Token which is issued in according to the Ethereum ERC721 standard. Different from other cryptocurrencies, each NFT token has a unique ID, so it cannot be duplicated. Also, it can only be traded in its entirety at transaction.
With its value escalating and market expanding continuously, NFT platforms and accounts have become a new prey for cyber criminals. In March 2021, a batch of accounts on a well-known NFT platform, Nifty platform, that had not enabled two-factor authentication were stolen, with one of them reporting a loss of US$150,000. In July 2021, Stazie, the anonymous developer of NFT game Hedgie, fell prey to a phishing website, and 16 CryptoPunks and some cryptocurrencies was stolen. In December 2021, the crypto exchange, AscendEX, was hacked to steal cryptocurrencies and NFT assets, which worth about US$77M, from the crypto wallet. In regard to NFT security issues, HKCERT has the following suggestions:
How to store NFT assets
Before trading NFTs on NFT platforms, the users need to ensure to store their NFT assets safely. Same as other types of cryptocurrencies, they can choose an Internet-connected wallet (hot wallet) or a non-Internet-connected wallet (cold wallet), or even use a combination of the two. Different types of wallets have different benefits and security risks, and the users must choose the wallet(s) based on their own needs.
The wallet contains at least one pair of the user's public and private keys, with the private key(s) also containing the information to obtain the assets, which is especially important.
Connected to Internet
Not connected to Internet and used to store private key offline
Potential cyber attacks, such as intrusion and data breach
Physical lost, storage device malfunction, physical damage or even forgetfulness