According to a recent report by Peckshield, a leading blockchain security firm, the month of June witnessed a decrease in the value of stolen non-fungible tokens (NFTs) compared to previous months. The total worth of the stolen NFTs amounted to $2.27 million, marking the lowest monthly figure for stolen NFTs in 2023 thus far. In contrast, the highest figure for the year was recorded in February, with stolen NFTs valued at $16.2 million, representing an 85% decrease from that peak.
Peckshield’s analysis reveals that half of the stolen NFTs were promptly sold within a remarkably short period of 160 minutes on prominent NFT marketplaces such as Blur and OpenSea. These two platforms emerged as the primary avenues for selling stolen NFTs, accounting for 99.7% of the total in June. Of this, 86% of the stolen NFTs found their way to Blur, while OpenSea accounted for 13.76%.
The report also sheds light on the swift nature of these transactions, with approximately half of the stolen NFTs identified by Peckshield being sold within a mere three hours. This highlights the hackers’ proficiency in rapidly liquidating their ill-gotten NFTs.
Furthermore, in December 2022, approximately 500 phishing sites in North Korea were utilized by the Lazarus Group, targeting NFT investors. These phishing websites mislead users into associating their wallets with them and granting access to their digital assets by claiming to be well-known NFT marketplaces and projects.
Some of the phishing sites that are part of the campaign use the same IP address, and it has been going on for a while. To access the victims’ wallets and private information, the hackers use a variety of strategies, such as gathering visitor statistics and launching attack scripts.
Additionally, in a separate incident on January 3, 2023, a phishing attack targeted Nikhil Gopalani, the Chief Operating Officer (COO) of NIKE RTFKT. This attack resulted in the loss of NFTs valued at $200,000 from Gopalani’s wallet.