The rising crypto frauds may have dampened the spirits of scores of global enthusiasts hoping to shine in the promising digital currency space. But is this going to be a permanent concern? Or is there a way to safely navigate the market without becoming a sitting duck for scamsters?
While the threats are real, and the participants may have little chance to escape an attack, especially those involving high-security breaches, some frauds could be avoided by taking basic precautions.
Experts believe that simple security measures could help avoid the risks to a great extent.
Why Is The Threat Real?
London-based blockchain analytics firm Elliptic estimated that the DeFi-based NFT industry lost an astounding $12 billion in frauds, which includes price manipulation, money laundering, etc., in 2021.
In many cases, hackers used a bug or flaws in the DeFi protocol to steal the crypto assets, said the Elliptic study titled 'NFT Report 2022', released on August 26.
In a tweet on August 4, the Solana blockchain revealed that a "malicious actor" was responsible for the massive thefts from its wallets. The tweet said, "An exploit allowed a malicious actor to drain funds" from thousands of Solana wallets, including Slope and Phantom wallets. It affected 7,767 wallets.
Commenting on the crypto frauds, Vijay Pravin Maharajan, the founder and CEO of bitsCrunch, a German blockchain analytics firm, said the onus of protecting the NFT wallets is on the users (buyers and sellers). However, some aspects of the responsibility also go to the marketplace.
According to Pratik Gauri, co founder and CEO, 5ire, a sustainable blockchain platform, It is critical to understand that the NFT as an underlying token standard can provide a raw canvas for more elaborate financial products to "be designed and released into DeFi. This is
because NFTs can take any type of information, be it an image, a 3D model, a document, literally anything, and give it a form of tangibility by making it cryptographically unique and identifiable from any other batch of data."
Here Are Five Things to Keep In Mind In The Crypto Marketplace:
Use A Secure Wallet: Maharajan advised people to opt for a non-custodial wallet to store funds or to access products. A non-custodial wallet lets you retain control of your credentials and assets instead of giving that responsibility to a third party.
But you may use a custodial wallet if the service provider is a reputed organisation. However, he warned that custodial wallets could be hacked more easily than non-custodial wallets.
Unlike custodial wallets, non-custodial wallets do not store private keys, which are unique characters to determine your ownership of the assets, including NFT. Binance, BitMex, and Coinbase are some examples of custodial wallets. The non-custodial wallets include Electrum, Exodus, and Ledger Nano X.
Don't Store Sensitive Data Online: Maharajan has advised people to keep a digital copy of crucial data to prevent it from falling into the wrong hands. He asked them to save login credentials and other critical details in a physical space that only they could access.
Be Vigilant of Wallet Activity: Keep track of your wallet and the respective NFT developer's blockchain activity. "While these strategies can serve as a safety net, the fact remains that blockchain users must be constantly vigilant about their assets and accounts," Maharajan added.
Check For Audited Smart Contracts: Elliptic researchers have advised people to check if the DeFi protocols have audited the smart contracts. This is because hackers usually exploit a DeFi NFT protocol by finding vulnerabilities in the smart contract. Therefore, one should also check whether the vulnerabilities in the smart contract audit have been patched.
Check For Suspicious Developers: You should check whether a DeFi protocol has been developed by an anonymous developer with no proven technical capabilities. If you can't find conclusive proof, then stay away from that protocol. You should also be careful of centralised DeFi projects, which have only a few private keys from developers since they could pull off a rug-pull scam.
Developers' Operational Readiness: Sometimes white hat hackers could expose a faulty smart contract code, but you should check if the DeFi protocol fixed the fault. Elliptic researchers also advised people to check if the NFT developer shows a general level of operational security during their public chats. This will help you judge whether they can be a target for social engineering attacks.
"Massive scams are occurring in DeFi, and it is prudent to be aware of them. One of the classic scams which happen with predictable regularity is called the 'Rug Pull, and the red flags are apparent from the beginning. It's a massive red flag when just a few wallets control nearly half the circulating supply of a token," added Gauri.