A new type of NFT scam: beware of sudden NFT airdrops in your wallet


With the popularity of NFT, airdrop scams have also spread from the DeFi field to the NFT field.

Original title: “Be careful of the sudden NFT airdrop in your wallet, it may take away all your assets”
Written by: 0x13, Rhythm BlockBeats

If your wallet has received a lot of NFT airdrops recently, please be more vigilant: your next move may ruin your entire collection.

On September 21, Twitter user AJ (@babbler_dabbler) tweeted that his wallet had been robbed and that high-value NFTs, including Damien Hirst’s work “The Currency”, were lost. According to his description, the mistake he made was simply interacting with the NFTs that suddenly appeared in his account. Based on the floor price of the stolen NFTs, AJ lost 13.75 ETH this time, or about $41,300.

This kind of scam is actually very common in the DeFi field.

Recently, many users have inexplicably received tokens in their wallets that they have never heard of before. Their names usually end with “.io”. When you receive hundreds of thousands of these tokens, you will be excited. When you go to Uniswap and prepare to trade them for ETH, you will find that these tokens are worth tens of thousands of dollars. Although the liquidity is not enough to let you sell these tokens all at once, there is at least a liquidity pool into which they can be sold slowly.

Be careful: you are about to fall into a scammer’s trap.

Some scammers restrict selling in the contract so that users can only buy. The token price therefore rises all the way, and the soaring price leads more speculators to chase it blindly. When the scammers are satisfied with their income, they only need to withdraw the liquidity to pocket the scammed ETH.

Even more dangerous are the tokens ending with “.io” mentioned above. Before these tokens can be traded, they must be authorized on the scammers’ own website. Once you authorize on those websites, it is equivalent to handing over your wallet: the scammer will have the power to transfer all the assets in it.

Are NFT airdrops safe?

Nowadays, with the popularity of NFT, such scams have also appeared in the field of NFT.

If you are a heavy NFT player, I believe your wallet also receives NFT airdrops frequently. The purpose of most creators is to use airdrops to promote their works, to put them in front of NFT players, and to gain more attention for them. The transparency of the blockchain makes it impossible for us to stop such behavior, and such behavior is reasonable.

But not everyone is free of malice. AJ said on Twitter that he had only performed three abnormal operations: hiding, placing orders for, and accepting bids on NFTs that appeared inexplicably in his account. Since “hiding” is a function provided by OpenSea and is an off-chain operation, the problem can only have occurred in the other two operations, placing orders and accepting bids.

When using OpenSea, we need to pay an Approve fee every time we interact with a new collection. This is actually a very dangerous operation, but many newcomers are entering the NFT field, and there had been no similar theft before, which caused people to relax their vigilance.

After the user interacts with the contract deployed by the scammer, the scammer can transfer the user’s assets. Although OpenSea can temporarily freeze a stolen NFT and prohibit its trading and transfer, most scammers simply accept a bot’s offer on the NFT that is far below the floor price and then transfer the ETH obtained to their own wallet. By that time, the stolen NFT may have changed hands many times. Even if OpenSea freezes the NFT, it is not the scammer who is punished.
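On Ethereum, the authorization described above is normally a call to one of the standard token approval functions (an assumption here, since the article does not name them). As an added example that is not part of the original article, the Python function below decodes a transaction's calldata before signing and flags approvals granted to an address outside a user-maintained trusted list; `classify_approval` and `trusted_operators` are hypothetical names.

```python
# Added example. Selectors are the standard ERC-20 / ERC-721 / ERC-1155 ones;
# the address in the demo at the bottom is constructed.
SET_APPROVAL_FOR_ALL = "a22cb465"  # setApprovalForAll(address operator, bool approved)
APPROVE = "095ea7b3"               # approve(address, uint256): ERC-20 amount or ERC-721 tokenId
UNLIMITED = 2**255                 # heuristic threshold for "infinite" ERC-20 allowances


def classify_approval(calldata, trusted_operators):
    """Describe what signing this calldata would authorize and how risky it is."""
    raw = calldata.lower()
    raw = raw[2:] if raw.startswith("0x") else raw
    bytes.fromhex(raw)  # raises ValueError on non-hex or odd-length input
    selector, args = raw[:8], raw[8:]
    if selector not in (SET_APPROVAL_FOR_ALL, APPROVE):
        return {"kind": "other", "risk": "none"}
    # Both functions take exactly two 32-byte ABI words; an address is left-padded.
    if len(args) != 128 or int(args[:24], 16) != 0:
        raise ValueError("malformed approval arguments")
    grantee = "0x" + args[24:64]
    value = int(args[64:], 16)
    trusted = grantee in {a.lower() for a in trusted_operators}
    if selector == SET_APPROVAL_FOR_ALL:
        if value == 0:
            return {"kind": "revoke-all", "grantee": grantee, "risk": "none"}
        # The operator may move every token of this collection the signer holds.
        return {"kind": "approve-all", "grantee": grantee,
                "risk": "review" if trusted else "high"}
    # value == 0 is an ERC-20 revoke or ERC-721 tokenId 0; calldata alone cannot tell.
    risk = "high" if (value != 0 and not trusted) else "review"
    return {"kind": "approve", "grantee": grantee,
            "unlimited": value >= UNLIMITED, "risk": risk}


if __name__ == "__main__":
    # Constructed calldata: setApprovalForAll(0x1111...1111, true)
    data = "0x" + SET_APPROVAL_FOR_ALL + "00" * 12 + "11" * 20 + "00" * 31 + "01"
    print(classify_approval(data, trusted_operators=set()))
```

A "high" result for a collection that simply appeared in the wallet is the situation the article warns about; the trusted list should hold only operator addresses the user has verified independently.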

In addition, some scammers plant fraudulent websites in the hidden links of NFTs.

Some NFT creators put the source files of their works in hidden links, because websites such as OpenSea often do not display the original images of the works. The creators put the source-file storage links in the hidden links so that collectors can get the highest-quality works.

But again, the low vigilance of NFT players gives scammers an opportunity. When the collector enters the fraudulent website, the assets will disappear again.

Why have the scammers recently shifted their targets to NFT players?

The first reason is the problem of vigilance mentioned repeatedly above. Since there has been no similar incident in the NFT field before, people would not expect such a scam;

The second reason is that there are more and more high-value, highly liquid NFTs. From CryptoPunks to Bored Ape and Cool Cats, to pieces by well-known crypto artists, they often have extremely high value and, at the same time, strong liquidity. More importantly, most well-known projects have a large number of bots placing orders to ensure that the NFTs can be cashed out at any time, which improves liquidity and reduces the difficulty of cashing out for scammers;

The third reason is that users who can afford a large amount of high-value assets are often “not bad”. After cashing out their NFTs, scammers may be able to get more “surprises” from their wallets.

Nowadays, people who frequently trade in the NFT field also need to be vigilant at all times. What should we pay attention to?

First, do not click on any suspicious links; this is the most common way people are deceived. Second, keep your private keys and mnemonic phrases safe, do not share your computer screen, and take the most basic security protection measures. Third, no one knows whether the “airdrop” that appears inexplicably in the wallet is a big gift package or a cannonball, so what we need to do is stay away from such airdrops as much as possible, no matter which chain they are on and whether they are ERC-20 tokens or NFTs.

