The blockchain has frequently been hailed as the future of art commerce, offering a way to ensure a work’s authenticity while creating an unalterable digital record of provenance on a public ledger. But recent reports of hacking on Nifty Gateway, a popular marketplace for non-fungible token (NFT) art, have raised questions about potential security flaws in the system. Several users have taken to social media in the last few days to claim they had NFTs stolen on the platform, with little recourse to get them back.
One of them is media strategist Michael Miraflor, who tweeted this weekend that his Nifty Gateway account had been compromised and his entire NFT collection cleared out in a matter of minutes. The hacker transferred Miraflor’s NFTs to another account and used his credit card on file to purchase more than $10,000 worth of Nifty’s daily “drop,” which they also transferred; then, they sold the stolen NFTs via the messaging app Discord.
Among the NFT works taken from his collection was an open edition piece by Major League Baseball player-turned-artist Micah Johnson, who made headlines when a group of NFTs representing one of his painted sculptures sold for $1 million in just one minute on Nifty.
Miraflor reported the fraudulent charges to his credit card company and was able to get his money back. (Nifty Gateway allows users to make purchases using their credit card instead of the Ether cryptocurrency that other platforms like Foundation, SuperRare, and MakersPlace require.) But when he reached out to Nifty’s support team regarding the stolen NFTs, he was told they could not transfer the digital tokens back to him. Transactions cannot be reversed on the blockchain, and per Nifty’s Terms of Service, Miraflor’s NFTs now legally belong to the users who purchased them fair and square — even if they were bought from a hacker.
Works by other high-profile crypto artists, like Trevor Jones, have also been stolen and resold in the same way, according to an ongoing list of the thefts created by Twitter user @KeyboardMonkey3, who estimates over $150,000 worth of NFTs have been stolen.
NFTs are unique digital files that can represent works of art and other collectible assets and are inscribed on the Ethereum blockchain. A growing number of artists have embraced the technology, which allows creators to sell their work without the help of a gallery as well as track and often earn a percentage on resales.
Miraflor says he started collecting crypto art because he liked the idea of supporting artists, many of whom had difficulties monetizing their work within the traditional art market.
“The sad thing for me is that I dove into exploring NFTs because 1) I love the idea of artists being compensated for resales in perpetuity and 2) it ostensibly solves provenance issues in the art space,” Miraflor told Hyperallergic. “I’ve lost a COA [Certificate of Authenticity] before, so know the headache that comes along with that.”
“I’m still optimistic on the long-term potential of NFTs to support artists and collectors, but I’m going to be a lot more mindful of security and platform terms of service moving forward,” he added.
A Nifty Gateway spokesperson told Hyperallergic that the company has seen “no indication of compromise” on its platform.
“The Nifty Gateway team is communicating with a small number of users who appear to have been impacted by an account takeover. Our analysis is ongoing, but our initial assessment indicates that the impact was limited, none of the impacted accounts had 2FA enabled, and access was obtained via valid account credentials,” they said.
2FA is short for “two-factor authentication,” a common form of online security that requires users to provide a second login credential, in addition to their username and password, in order to access their account. Nifty encourages users to enable the 2FA options provided on the platform and never reuse passwords.
In addition, the spokesperson said, users should purchase NFTs on the official Nifty Gateway marketplace. In many of the recent account takeovers, the stolen NFTs were sold in transactions negotiated outside of the platform, on Discord channels or Twitter.
One victim of a theft on the platform, Cranford Stoudemire, said he was able to get all of his stolen NFTs back except for one, a piece by artist Kode Abdo. Stoudemire caught the account being hacked as it was happening, in time for Nifty Gateway to lock down the secondary account where his NFTs were being kept. The company was able to transfer the works back to Stoudemire before they were resold in an unofficial marketplace.
Nifty Gateway has not responded to Hyperallergic’s inquiries regarding the exact number of incidents or the total value of NFTs stolen. But for some, the hackings have exposed holes in a technology often touted as a foolproof record of ownership.
“If art can be stolen with zero verification and the solution is ‘just don’t buy stolen art’ then you’ve kinda ripped away the curtain and exposed the scam,” wrote Twitter user @bach_tigh. “There’s no ownership, just made-up paperwork.”
Let’s be honest: On a best bathrooms list, no one wants to be number two.
Advocacy groups are pushing for a 5% royalty in resales, which would pertain even after the artist dies, in which case the funds would go to their estate.
The Newark Museum of Art Presents Jazz Greats: Classic Photographs from the Bank of America Collection
Photographers Antony Armstrong Jones, Milt Hinton, Chuck Stewart, Barbara Morgan, and more capture a breadth of legendary and local musicians and performance artists. On view through August 21.
This week, the Getty Museum is returning ancient terracottas to Italy, parsing an antisemitic mural at Documenta, an ancient gold find in Denmark, a new puritanism, slavery in early Christianity, and much more.
The absence of an explicit framing of American art, in all of its diversity, as a visual culture of empire distorts and hampers our ability to understand — and reimagine — our social world.
Art and photographs, publications from the 19th and 20th centuries, manuscripts, posters and more are set to cross the auction block on August 18.
The gap between the material body and the psychological one, which we all too often take for granted, is one of the underlying themes of Hiro’s exhibition.
David Rios Ferreira and Denae Shanidiin join forces to bring awareness to the plight of Indigenous women and girls, and LGBTQ+ individuals.
Metrograph’s series The Process features films that were either directed by Robert M. Young or made with the help of Irving Young’s postproduction facility.
Memes depicting a sinister, all-powerful Joe Biden alter ego are sweeping the internet, and the Democratic establishment is loving it.
“She dug into what she was fascinated by and obsessed with: things that existed on the periphery, people who didn’t follow the rules,” said one of her friends.