Nfts
US Treasury flags NFTs for vulnerability to fraud and scam
KEY POINTS
- Criminals can use NFTs to conduct rug pulls, Treasury Department says
- Copyright and trademark vulnerabilities can also be used by criminals to carry out their illicit activities.
- The co-founder of Remilia claimed earlier this year that hackers stole millions of ETH and NFTs from his wallet.
The US Treasury Department has warned about the vulnerability of non-fungible tokens (NFTs) to fraud and scams, reiterating that this vulnerability can be exploited by criminals.
“The assessment finds that NFTs are highly susceptible to use for fraud and scams, many of which are traditional schemes involving NFTs, and can be stolen from victims,” the department said in its latest report. National Money Laundering Risk Assessment report.
He cited a report from a blockchain analytics firm that found more than $100 million worth of NFTs were stolen via scams between July 2021 and July 2022. The department believes that figure may be under -estimated, because victims often do not publicly report their losses in scams.
Besides the common rug in the digital asset space in which developers raise funds through a seemingly legitimate project but disappear after taking the funds, the assessment indicates that criminals may also create fraudulent NFT platforms to steal the victims’ fund.
The report states that NFTs and NFT platforms have so far rarely been used for terrorist financing. However, he warned that criminals also use NFTs to launder the proceeds “of underlying crimes, often in combination with other techniques or transactions intended to mask the illicit source of the funds.”
The department also highlighted how cybersecurity vulnerabilities related to NFTs, as well as copyright and trademark issues, can allow criminals to carry out fraudulent operations and theft in the NFT space.
According to the assessment, law enforcement observed that malicious actors often took advantage of customer information vulnerabilities in NFT platforms, particularly those that do not require customer data before using the platforms. -shapes. “Many platforms lack controls to identify customers or mitigate illicit financial risks.”
The department said the “highly automated nature” of NFT sales and the availability of tokens across different platforms allows illicit actors to launder assets by taking advantage of rapid transactions that make it difficult for blockchain analysts to trace illicit transactions. Criminals can also launder proceeds using mixers, including Tornado Cash, the report adds.
The Treasury Department’s warnings came about two months after Krishna Okhandiar, the co-founder of Remilia known for launching the popular Milady NFT collection, claimed that his digital wallet was hacked. As part of the alleged exploit, millions of NFTs and Ether (ETH) were stolen.
Probably one of the most significant NFT-related incidents was the takeover of Ethereum co-founder Vitalik Buterin’s X (formerly Twitter) account in mid-September. Hackers took his X username and published a phishing link that proposed fake NFTs. Victims lost nearly $700,000 in this scam.