NFTs, or non-fungible tokens, are a new type of digital asset. Non-fungible means they’re unique, meaning they cannot be swapped one-to-one for each other. Fungible assets are things like cash, gold, or a cryptocurrency like Bitcoin. NFT’s only exist online, and they’re authenticated through blockchain, which is a system that holds information that’s very difficult to change or hack.
NFT’s are valuable because each is unique, and the price is directly linked to its scarcity. NFT’s are digital collectibles and can take the form of artwork, social media posts, or videos.
As NFTs gain more traction, they’re also attracting more attention from criminals. People are reportedly losing hundreds of thousands of dollars’ worth of NFT artwork to hackers. There are various reports indicating that criminals are accessing buyer’s accounts and transferring the digital items or using the victim’s card information.
KENS 5 spoke with Jonathan Trimble, a retired FBI agent who specializes in cybersecurity. He gave insight into how hackers operate. He served 24 years with the agency, and prior to his retirement, he was the Chief Technology Officer of the FBI Information Management Division. He now leads Bawn, a security firm based in Austin.
“They will invest a lot of resources in understanding the way a system works or the way an individual behaves before they launch their attack. Maybe months of surveillance is conducted before they actually move to collect the NFTs or digital assets,” said Trimble.
Trimble said, “People may stereotype hackers as people who are living in a basement to perform data breaches. But he says they run a sophisticated business.”
“There might be a team of people that work on different aspects of the breach. There are some people that do the technology exploitation and others doing the actual hacking. There might be a boss that runs the entire activity. There’s going to be another person that does the social media engineering,” he said. “So, it goes back to these organizations that are auction houses or trading platforms and using multiple different ways to minimize that risk.”