The blockchain has frequently been hailed as the future of art commerce, offering a way to ensure a work’s authenticity while creating an unalterable digital record of provenance on a public ledger. But recent reports of hacking on Nifty Gateway, a popular marketplace for non-fungible token (NFT) art, have raised questions about potential security flaws in the system. Several users have taken to social media in the last few days to claim they had NFTs stolen on the platform, with little recourse to get them back.
One of them is media strategist Michael Miraflor, who tweeted this weekend that his Nifty Gateway account had been compromised and his entire NFT collection cleared out in a matter of minutes. The hacker transferred Miraflor’s NFTs to another account and used his credit card on file to purchase more than $10,000 worth of Nifty’s daily “drop,” which they also transferred; then, they sold the stolen NFTs via the messaging app Discord.
Among the NFT works taken from his collection was an open edition piece by Major League Baseball player-turned-artist Micah Johnson, who made headlines when a group of NFTs representing one of his painted sculptures sold for $1 million in just one minute on Nifty.
Miraflor reported the fraudulent charges to his credit card company and was able to get his money back. (Nifty Gateway allows users to make purchases using their credit card instead of the Ether cryptocurrency that other platforms like Foundation, SuperRare, and MakersPlace require.) But when he reached out to Nifty’s support team regarding the stolen NFTs, he was told they could not transfer the digital tokens back to him. Transactions cannot be reversed on the blockchain, and per Nifty’s Terms of Service, Miraflor’s NFTs now legally belong to the users who purchased them fair and square — even if they were bought from a hacker.
Works by other high-profile crypto artists, like Trevor Jones, have also been stolen and resold in the same way, according to an ongoing list of the thefts created by Twitter user @KeyboardMonkey3, who estimates over $150,000 worth of NFTs have been stolen.
NFTs are unique digital files that can represent works of art and other collectible assets and are inscribed on the Ethereum blockchain. A growing number of artists have embraced the technology, which allows creators to sell their work without the help of a gallery as well as track and often earn a percentage on resales.
Miraflor says he started collecting crypto art because he liked the idea of supporting artists, many of whom had difficulties monetizing their work within the traditional art market.
“The sad thing for me is that I dove into exploring NFTs because 1) I love the idea of artists being compensated for resales in perpetuity and 2) it ostensibly solves provenance issues in the art space,” Miraflor told Hyperallergic. “I’ve lost a COA [Certificate of Authenticity] before, so know the headache that comes along with that.”
“I’m still optimistic on the long-term potential of NFTs to support artists and collectors, but I’m going to be a lot more mindful of security and platform terms of service moving forward,” he added.
A Nifty Gateway spokesperson told Hyperallergic that the company has seen “no indication of compromise” on its platform.
“The Nifty Gateway team is communicating with a small number of users who appear to have been impacted by an account takeover. Our analysis is ongoing, but our initial assessment indicates that the impact was limited, none of the impacted accounts had 2FA enabled, and access was obtained via valid account credentials,” they said.
2FA is short for “two-factor authentication,” a common form of online security that requires users to provide a second login credential, in addition to their username and password, in order to access their account. Nifty encourages users to enable the 2FA options provided on the platform and never reuse passwords.
In addition, the spokesperson said, users should purchase NFTs on the official Nifty Gateway marketplace. In many of the recent account takeovers, the stolen NFTs were sold in transactions negotiated outside of the platform, on Discord channels or Twitter.
One victim of a theft on the platform, Cranford Stoudemire, said he was able to get all of his stolen NFTs back except for one, a piece by artist Kode Abdo. Stoudemire caught the account being hacked as it was happening, in time for Nifty Gateway to lock down the secondary account where his NFTs were being kept. The company was able to transfer the works back to Stoudemire before they were resold in an unofficial marketplace.
Nifty Gateway has not responded to Hyperallergic’s inquiries regarding the exact number of incidents or the total value of NFTs stolen. But for some, the hackings have exposed holes in a technology often touted as a foolproof record of ownership.
“If art can be stolen with zero verification and the solution is ‘just don’t buy stolen art’ then you’ve kinda ripped away the curtain and exposed the scam,” wrote Twitter user @bach_tigh. “There’s no ownership, just made-up paperwork.”
This week, missed signs of previous life on Mars, the appeal of forged art, and why are blue whales singing in lower octaves?
All the Beauty and the Bloodshed forcefully posits multiple parallels between the world Nan Goldin grew up in and the one she fights in today.
The latest episode of this documentary series on PBS explores the meaning of home through handmade objects, hand built homes, and the artists who create them.
Your list of must-see, fun, insightful, and very Los Angeles art events this month, including Bob Thompson, Aimee Goguen, Uta Barth, the Transcendental Painting Group, and more.
There is the singular artist and then there is the more exclusive club that has only one member. Harvey belongs to the latter.
Rhode Island School of Design opens registration for its residential summer Pre-College program and year-round online intensive Advanced Program Online.
The artists say the Museum of Contemporary Art Kiasma must sever ties with Poju Zabludowicz, whose wealth comes in part from Israeli defense contracting.
Vanessa Albury, whose eco-friendly ceramic sculptures help revive filter-feeder populations, is raising funds to complete her first film about the project.
Hrag Vartanian, Hyperallergic’s editor-in-chief, is one of the guest jurors reviewing applications for the two-month residency in Utica, New York.
An archeological exploration of the amphitheater’s sewers and water systems uncovered remnants of meat, vegetables, olives, nuts, and yes, pizza.
At this year’s show, I reflected on the lack of bilingual materials, the absurdity of art-fair gimmick, and the workers who make it all possible.
Hear a band of improvisers led by Rajna Swaminathan and a performance of Morton Feldman’s “For John Cage” in programs inspired by the exhibition, “New York: 1962-1964.”
Your list of must-see, fun, insightful, and very New York art events this month, including art made during the first stock market crash, a homage to feline friends, and the 10-year anniversary of a crucial public art initiative.
Astrid Dick was told that she could not paint stripes because Sean Scully and Frank Stella have done so before her, a patently foolish statement.