NFT hype will hijack your PC and webcam
With the rapid development of the Internet and computers, more and more novel things have appeared in our lives. We no longer read newspapers but read news on the Internet. People don’t need to go to the mall to shop. We only need to place an order in the online store and wait for our package delivery to home. In recent years, something called NFT (Non-fungible token) has also appeared and is well known. More and more hackers have started to focus on NFT, trying to get private information or money from it.
What is NFT?
Both Non-fungible tokens (NFT) and fungible tokens (FT) are cryptocurrencies. They all use blockchain as a digital database. But FT is a native currency. It is fungible by another identical one with the same value, such as 10-dollar cash can be exchanged for ten 1-dollar coins. It will be also work in FT. Now the most famous FT is Bitcoin. NFT has different. That is unique and indivisible, which means all NFTs are different—NFT used to buy and sell the form of image, video, or another form of digital artwork. Virtual real estate sold for millions of dollars a few months ago, which belongs to the NFT. In a sense, NFT plays the role of a patent office, helping each unique thing to be copyrighted and helping it identify patents.[2][3]
How the hacker makes that work?
New things can easily attract people’s attention. Hackers have also exploited this vulnerability to create many links, emails or files that look to be related to NFTs. When they are downloaded and opened, the Trojan virus has been installed on your computer, through which the hacker can quickly get all the things he wants, including information and money. For example, the hacker included a suspicious excel file in this case. In fact, this excels file contained a Trojan virus called BitRAT. [1]
What is the danger of this kind of attack?
BitRAT is a remote access trojan (RAT). It can upload and download files, monitor screens, listen to your microphone. And get your keylogging. That means if your computer has this virus, the attacker will know everything about you. You will no longer have any privacy. [1]
As a popular one now, NFT has good room for future appreciation, and at the same time, it does not require the user has high computer technology. It is easy to attract the attention of ordinary people. but They usually know very little about how hackers attack. [1]
Conclusion
As new things appear, people start to recognize them, learn them, and then use them. At the same time, hackers are also trying to make it work for themselves. To help them get the attacker’s private information, password, money, or something else. [1]
The Cybersecurity researchers at Fortinet gave us some advice to help us not give hackers a chance to create holes in your computers, such as not downloading or opening untrusted files or links. [1]
References:
Great post! You are indeed right these days the world has moved online rather than in person. I myself do not go out that much, especially for food and shopping. It does not shock me that hackers also used this to their advantage. As you mentioned ads always interest people as we all want to find the best deal out there. Since we just learnt about the types of malware it was really interesting to read about the Trojan virus in your blog. After reading your post I would recommend everyone to surf the web carefully and verify every ad or link before actually opening it.
Before delving into the popularity of NFT, it’s important to understand why it was created in the first place. It was created in order to obtain ownership of a product or object that can be simply replicated in today’s digital environment. It establishes ownership legitimacy. Investing in NFT is designed to meet both financial and personal needs.
Self-need can involve a passion for collecting antique or fascinating objects, which gives them enormous pleasure in reaching their goal.
Second, selling those rare NFT can be extremely profitable.
NFT, in my opinion, grew in popularity in the digital era, particularly after the pandemic, as people began to spend more time in the virtual world rather than the real one. Later, their virtual entertainment space turned into investing platforms, thus the hackers get more opportunities to hack computers. It was really a knowledgeable post. Thank you.
So here’s what I don’t really get about NFTs (and please let me know if you have an answer/solution for this, because I really haven’t seen any that make sense thus far). I don’t really understand how NFTs create “ownership legitimacy”. I’ve seen a lot of people with the ape profile pic (which also pls explain I don’t get the hype) claim this ownership thing, but I still don’t get how clicking right can (a) be stopped or (b) be considered theft. I also wasn’t able to find any cases of police pressing charges for anything similar, so unsure if its actually enforced at all. I do however agree with your statement that the re-selling of NFTs can be extremely profitable, but it just seems like yet another rendition of tulip mania.
I think it’s better to look at purchasing NFTs as buying a slot in a database, rather than buying a digital image. When you buy an NFT and become the owner of it, the proof of that ownership is stored publicly on a blockchain. Anyone could right-click and save the image or video representing the NFT, but it would not change the proof of ownership stored on this blockchain. I also don’t believe that saving another person’s NFT is considered theft – you technically aren’t “stealing” an image this way, just creating a local digital copy of it which does not modify the blockchain in any way. At least this is how I understand it.
I didn’t know that NFT existed nor was I informed about it until now. I agree with your first paragraph on how people don’t need to go out since we have the technology of ordering online and for reading articles. I think that moving forward, we should all be careful about what we download and open. This was a very insightful post, well done!
This post is insightful. I had very little idea about NFTs. Seems like although it can help you secure the authenticity of art, it makes the system that’s holding it more vulnerable to attacks. More hackers have started focusing on this because NFT persuades people to buy art of high value since it shows a certificate of authenticity. Using a hardware wallet to store cryptos offline is the best way to keep it secure from hackers.
A general problem that is arising from these NFTs is that many people are flocking to them without much insight or are listening to people are ‘claim’ to know everything about the goods. These same people seeking to buy NFTs are also not as aware of the risks associated with these digital goods, which makes their lack of prior knowledge about the goods mean they are easier to exploit by hackers. Peoples’ sense of curiosity and emotion need to be considered. Prior to jumping into a new trend we should first learn about the product and make inferences based on observations and trends. Learning from someone with much more experience would also be helpful. However, at the same time, it may be wiser to spend our own money on physical products that we can use. I am still unsure how a ‘monkey’ became worth tens of thousands. While the internet has brought us many revolutionary innovations to our day-to-day lives, there are some things like NFTs that do make me stractch my head lol.
I definitely never thought about this kind of use for NFTs. I think what makes this kind of thing especially harmful, is that it scares people away from wanting to learn and engage with cryptocurrencies and its other potential uses. Hopefully as the technology continues to develop, this won’t be as much of an issue.
Interesting post! I did not have any knowledge about NFT technology before, but I have the basics now. I once heard from a friend of mine that he’s been a victim of this sort of attack, losing about 10K US dollars. It is surprising to me however that why don’t people be aware and careful when trying out some new technologies, rather they get hyped trying everything without knowing the potentials of being a victim. I personally believe that we should all be careful and responsible enough before trying out new technologies which are being hyped.
This is an informative piece, especially given how hyped-up NFTs have been this year. when a person buys a non-fungible token (NFT), they are guaranteed to have it all to themselves. As the world progresses, new technology improvements are developed, and people begin to use them without thinking about the implications or the possibility that hackers and attackers would devise new ways to defraud people. As a result, everyone is accountable for their own internet security. To keep yourself safe from keyloggers, use a firewall and password managers.
This is quite the perplexing post as we are constantly reminded that hackers are people too, and that they do indeed seek out the latest and greatest trends to attack, even more so now that NFT’s are actually the easiest method of investment in this day and age due to lack of verification needed to open an investment account and there is no age limit either. This is why I believe that NFT’s are such a strong target audience to attack for malware, and specifically in this case BitRAT. Of course my argument here is that due to the lack of restrictions, there have been confirmed 12 year old individuals who actually circulate NFT’s and of course with email and the such, the older non tech-savvy investors are also still at high risk even regardless of NFT traction. I think the real method to security in this regard is to be educated on how the NFT system works and specifically for the edge case age users, we must promote stronger antivirus and anti-malware solutions since lack of knowledge is a huge weakness.
Good post!
I see the word NFT on Instagram or Tiktok basically every day and all those posts are always trying to convince me that NFTs are how to become rich and make lots of money easily so I can totally see people using this hype to take advantage of people. It’s actually funny to me because I thought NFTs themselves are usually scams so it’s kinda like people getting scammed before even getting to get scammed.
The current market for NFT’s is very unsafe, I strongly believe that everyone must do their own research on the topic before investing any amount of money is this space. From rug pulls to Investor Scams, The risk is very high in this market due to the amount of hype it has gathered. This blog post only re-enforces this by giving examples on how increased publicity for a market makes it much more volatile in the sense where an investor runs a high risk of having low to no returns on their investment. Also I would like to touch on the idea of RAT malwares, they are very common amongst scams of this nature, but unfortunately, most people still don’t know about them. I think the best step for all NFT communities is to educate their members of such scams and give them sources to reliable information on the subjects of NFT scams and general malware. Great blog!
That’s a great explanation of NFTs! With any new technology, it’s inevitable that people will want to exploit others through that new technology, it’s almost a sort of cyclical effect. Something new gets really popular > a whole lot of people jump onto it > attackers recognize this and want to exploit it > people fall victim to attacks > Something new gets really popular > etc. The concern with “a whole lot of people jump onto it” is that it includes every kind of person, from people who are very smart and tech-savvy, to people who just want to jump onto the bandwagon without knowing the risks. And it’s the latter that usually see the upsetting downfalls of the technology, in this case NFTs.
Thanks for the post! This is one of the reasons why I am still skeptical about NFT. I have some attempts on buying one but I found it very hard to verify if the piece is legit or original.
That was an interesting post to read! I got to know that there’s a potential that a fake NFT store will sell counterfeit NFTs. In addition, it’s concerning that someone can mimic a well-known NFT artist and illegally selling NFTs.I believe that digital piracy, false airdrops, fake NFT freebies, and imitation of popular NFTs all increase the likelihood of online fraud. I agree to the point that everything had shifted to being completely online and we can expect that frausters will try to use a way using this advantage of being online. Overall, it was a great post to read.
This is a really interesting topic. I have a lot of questions now. The post has implied that NFT-related malware is the work of hackers who did not create the NFTs themselves. I would think, then, that stronger authentication practices would help protect NFT buyers from RATs.
What I am unclear about is whether hackers are targeting people who buy NFTs (and accidentally download a RAT in an attempt to download their NFT) or people who are downloading what they think are free NFTs. If it’s the latter, then maybe most of this problem would go away if people had a better grasp of what NFTs are. It would be meaningless to download the content of an NFT if you do not get proof of ownership and confirm that your ownership is reflected in the blockchain. Even if there was no malware, “downloading an NFT” for free would not allow you to make money off of it. If any of my assumptions about NFTs are wrong, please let me know. I wouldn’t touch them with a ten-foot pole.
Obviously something new comes with some risks and complications. NFT is not yet well known to most people. My understanding of them is that they are expensive pictures. By being prepared and informed about a new subject, such as how NFT works and how it exists, the problem can be solved at its root.
NFT’s are definitely a space where you have talented creators looking to safeguard their digital works mixed with malicious & untrustworthy actors, along with people looking for short term gains. Many artists now work digitally whether it would be publishing their works on websites such as deviant art, or drawing on a digital tablet, unfortunately outside of watermarking your work, there isn’t many ways to show proof of ownership of your work.
NFT’s definitely get a mixed reputation due to that space being flooded with “investors” and confusing messaging using “Blockchain” as a catch-all word for any similarities with bitcoin that many people are seeing it’s value as a quick cash grab instead of it value in showing proof of digital rights.
Interesting post! Actually I still can not get the points about the practical meaning of FT and NFT. The fun fact is that normally hackers still need victim click some links or files. So be careful with links and files that you do not know is absolutely a great strategy to protect yourself from most malware and trojan. Something like NFT is not the potential risk itself, hacker just use this kind of thing to bait victim.
Great Post! I have heard about NFT but didn’t do too much research on them. This post helped clarify what NFT and FT are for me. I am still a bit unclear as to how the hackers get people to download those excel files. Do they bait people into thinking they are getting an NFT when in reality they are just getting a virus. It is scary the time and age we live in as technology keeps advancing so fast that it is hard to stay educated on how to keep yourself safe. Once again great post.
The problem you discussed about the Virus attacks is a general problem of the internet, even without the existence of NFTs this problem would prevail but NFTs have definitely added to the problem. Moreover, right now it has become somewhat of a trading game, and people are trying to jump on the hype due to which they are more likely to be caught in the malware trap. The sad part is a lot of the people have no interest in the object and just buy it in the hopes of selling it for more.
This was a pretty good read, I liked how you explained the difference between fungible tokens and non-fungible tokens! I am currently a skeptic of the whole business model of NFTs, but I agree with you that the popularity and ease of access can easily introduce something to a trojan to an unsuspecting user. It would also make sense that the cohort of people willing to buy into NFTs due to the hype are also the same type of people that are willing to fall for other things. Things which may or may not contain malware.
I noticed the first infographic uses the word “fundible” but the first paragraph uses the word “fungible”. Are these interchangeable? Also, I never considered that NFT’s would be susceptible to malware but because how ingrained in technology it is I’m not surprised. I didn’t realize Trojans like BitRAT could remove all of your privacy. This is definitely something to be wary of in the future.
Great post! Since NFTs are quite new world to most of the people, there are hackers and attackers trying to take advantage of this unexplored technology. As others pointed out in the comments, it is a problem that people trying out new technology without much of the research. There are lots of people just jump on the hype. This post teach us lessons on how we should try to observe and research before just jumping on the new trend. We should always be careful when it comes to new technology.
Very neat post. Not surprising to see groups take advantage of those jumping on the NFT train. Many individuals who proceed to purchase/sell NFT’s don’t understand the underlying technology and see these technologies as a “get rich quick scheme” likely due to the growth of cryptocurrencies and the ability to have become very rich if invested from the start/release of said currencies. I think it will be more commonplace to see attacks similar to these in the future which take advantage of an individuals desperation to cash-in on the current trend and better their lives.
I had no prior experience with NFT technology, but now I am familiar with the fundamentals. A buddy of mine told me that he had been the victim of a similar attack and had lost amount in the process. Why don’t individuals be attentive and cautious while experimenting with new technology, though, is a mystery to me. They should learn more about using new software and what is the if and buts along with the attractive part. I still believe that the stock market is still good than those NFT things.
This is a great post, but I’m going to be totally honest in saying that I really don’t understand the NFT hype. In the way that you explained with NFT’s acting as the ‘patent office’ of sorts I suppose it does make sense. However, I find it hard to conceptualize investing in something where you can’t really see tangible value too easily. The only thing you really get when you purchase an NFT is the ability to sell it again. I suppose it’s a positive direction for artists and creators looking to safeguard the ability to monetize their digital works, but even that seems like a stretch to me. In the digital landscape at least, I can’t see the same appeal of owning something versus owning a one of a kind painting or something like that. At least with physical property you have tangible ownership. Nevertheless, I don’t see this going away. Perhaps given more time I’ll change my tune, but for the moment I think I’m still hanging out in “I really don’t get it” camp.
With the rise in poularity in NFTs there is going to be a lot of people that jump into it without doing their research. These are the types of people that are most likely to get caught by these scams. Having a good set of practices when it comes to clicking links and trusting new people on the internet can decrease your odds of falling to one of these attacks by quite a lot. Personally, I do not understand the hype and popularity behind NFTs as it is essentially just a receipt not even an actual item. However, it seems that NFTs will only become more popular and hopefully people actually do their research and protect themselves before they start investing.
This post well reflects that hackers take advantage of loopholes to obtain money and information by attacking people’s computers. For this reason, there is a great risk of opening untrusted links and downloading untrusted files. As an investment method without too many restrictions, NFT is easy to attracts the interest of buyers. The hype makes buyers unable to distinguish the real rate of return, and they often ignore the risks. Therefore, we need to understand the risks and make a wise judgment on the purchase of these digital products. On the premise of protecting our money and information, we should avoid hackers from invading the computer, and then invest rationally in the virtual investment platform.
Great Post ! I was really interested in investing in some NFT’s , since i believed before that the market is safe , especially that whenever you want to log in they ask for double authentication. But after reading this post , i think i have to think twice again before investing in this market.
So if I understood correctly, hackers are posting links pretending to be NFT’s and then infecting the person who clicks those links with malware. Like you said, now that almost everything can be done on the internet I’m not surprised that hackers are targeting the most popular features on the internet, since it would mean the most profit. It is unfortunate that they would target NFT buyers like this since they seem like a cool investment (although I have not yet gotten into NFT’s or FT’s). I hope that buyers become more aware and look twice before clicking random links, although sometimes it can be hard to distinguish real from fake, so I don’t blame victims.
Never let a crisis go to waste. I think this motto is best seen with hackers who would make use of every situation and I am always astounded by their creativity. I think the future will be focused on hype to attack as many people as possible. In fact, I was reading a new article on how many hackers are pretexting as Ukrainian citizens asking for money to escape from the Russian front. Clearly, NFT will also be made to take advantage as much as possible. Additionally, I was unaware of the concept of NFT. I always thought that it was simply digitized pictures that people inflate in value and sell for millions. Your post gave me a pretty solid understanding of the mechanism of NFT and how it works. Also, it has opened my mind to the downsides of NFT because the success of NFT attacks will only increase in frequency. Finally, I was wondering if there is any way to determine if a file might be unsafe to open especially with NFT?
Great post! After a number of crypto wallets belonging to users of the largest NFT exchange, OpenSea were unexpectedly emptied, the attack was launched. Check Point researchers discovered a particularly severe variant of NFT in circulation, one that comes with its own malware bundle.
People were receiving free NFTs from an unknown source, but when they accepted the gift, the attackers gained access to their wallet information stored on OpenSea’s servers. The code caused a pop-up to appear, which when clicked allowed wallets to be emptied.
Following the disclosure of the problem, Within an hour, Opensea had a remedy in place – we wish more companies were as quick – and the platform looks to be safe. However, be wary of “free” presents, especially if money is involved.
Great post! With cryptocurrency on a rise NFT’s are causing problems like you mentioned. When I first heard about them I must admit they seemed kind of cool? I just wasn’t as educated about them as I am now, however now I would saw otherwise. Just like NFTs bitcoin has also been posing a problem, a lot of people have been getting scammed and have been getting their social media accounts hacked. It’s such a worrying situation to be in. I also hope that there is a way to inform people about these things, because it’s about ones privacy not in the real world but also the online world as well.
Great post. You’ve made a solid point on how everything has shifted to being online currently, even shopping, instead of going to the mall, people now can just buy whatever they want online from the comfort of their own home instead of having to wait in long lines at the mall. This increase in online activity has opened up many new opportunities for hackers to attack. NFTs, have become super popular recently, especially the non-fundible art ones which are being sold for millions of dollars. It sucks that hackers are now using this to attack peoples computer’s and steal their private information. People need to start taking precautions when buying NFTs because these types of attacks are very dangerous.
That was a very informative post Zhiyuan. I have been hearing a lot about NFTs recently and trying to keep up with the news since it is a fascinating topic. I have heard about the pros and the cons and personally am on the fence regarding NFTs. Honestly, after reading your article, I am even more concerned because I was not aware of BitRATs. Influencers on the internet and celebrities have been endorsing these NFTs a lot but we rarely see people talk about the security and privacy aspects of these. The general public might see their favourite influencer telling them to buy NFTs but unbeknownst to them, they might be getting hacked as they click on some problematic link while thinking they’re entering the new age of the internet. I have heard multiple times how the whole concept of buying and selling NFTs is like a Ponzi scheme and to be fair, this argument has merit. People need to understand what they are getting themselves into without jumping on the bandwagon. NFTs might seem like a get-rich-quick scheme, but like most of these schemes, they are too good to be true. Scammers use these buzzwords like “Blockchain” and “cryptocurrencies” to manipulate people and it’s tragic that innocent people fall for it just because of a lack of awareness and due diligence.
Good post Zhiyuan! I like how you clarified the difference between NFTs and FTs and explained how both are cryptocurrencies, but NFTs in particular are unique. It seems that as the internet has evolved, so has have the ways to attack and steal information. I fully agree what you said about how the rise in popularity NFTs has led to misinformation, confusion, and use by less computer and security/privacy literate individuals, which scammers and hackers have exploited in order to profit and steal. This trojan appears particularly devastating as it steals and gains access to everything on your computer. Hopefully, some form of education or outreach can be developed to teach people to be more cautious, but currently many are blinded by the desire to cash out on a trend and can easily fall victim. I have heard only a little about NFTs in the past- if I ever do decide to get my feet wet, I’ll be sure to take this post to heart and put my security and privacy first.
Nothing like the promise of transactions ranging in the hundreds of thousands to millions of dollars to have more than a few hackers looking to ruin someone’s day.
NFT’s are an interesting system at the moment. It’s a revolutionary technology that could be used to fix so many issues with modern day digital signatures, such as a digital contract that is actually binding. However, we decided to use it for a pretty dumb idea of selling art and whining when people hit save, which could impact how we witness the future of this tech. I find it hilarious how people fall for the most basic of scams as well, especially because this is such a new concept that’s trading with such high volumes of cash, drawing in those unwise or uneducated. I bet you could just send an email to someone like “Congratulations on winning the auction! Download this file to receive your NFT!” and just load it up with a witches brew of malware (which doesn’t actually seem that far from the truth), someone would be bound to bite.
All in all, I wish we weren’t using NFT’s to sell digital art. Pay artists in cash, use NFT’s for cool things that fix issues, get off the copium that tells you “yeah bro i swear this is gonna go huge bro my ROI is massive bro im just waiting for a spike then imma dump bro.”, inform yourself before dipping into anything that may either make you a millionaire, or put you on the streets.
Great post, I’ll be keeping an eye out to see how this evolves.
NFTs typically do not require any downloading, as most NFT transactions are done through marketplace sites such as OpenSea and Looksrare, which require a browser extension wallet such as Metamask to send and receive these NFTs. The biggest red flag in this case is that an Excel file was required to be downloaded.
Interesting post. As some commenters above have noted, generally you aren’t going to opening an NFT from an excel file, it’ll be traded through your wallet. I wonder, then, if this is similar to the old email phishing scams that attempt to select for people that they don’t believe are smart enough to know its a scam.
Furthermore, on your comment on the patent office, I’m curious what backs up an NFT’s “claim” to a specific piece of artwork or other thing. With the patent office, there are laws in place that bolster what the patent office does, but with NFTs it seems that all there is is a note on a blockchain somewhere that associates your name with the thing in question. Is there more to it than that?