As most of you will already know, wallet security probably the most important thing to understand when getting involved with cryptocurrency. There have been countless hacks of people’s hard earned assets, and there has been an especially large number of hacks in the NFT space. Some of the top NFT hacks are listed here, but this list does not even begin to mention the countless hacks that have happened to individual users.
The trustless nature of crypto is a double edged sword. While not having to trust a third party to manage assets is great in the sense that we do not have to trust a bank, it is not so great when we find out that we have no recourse when our assets are stolen. Just from keeping up with my Twitter feed, I have seen too many people to count saying that they have been hacked.
Popular methods of stealing assets include social engineering, fake swap sites, and “Free Mints” which are actually wallet drainers. Hackers will often post such links from reputable places such as a larger Twitter accounts if they can gain access. One such hack occurred on the BAYC Instagram page last year. These hacks exploit customer trust, and aim to have users rush to interact with the scam link.
New year, new scam, and this time it is not a wallet drainer, but remote access malware which is being downloaded onto victim’s laptops. Victim’s emotions are being exploited with the promise of Pokémon NFTs. Hard to resist I know. Just imagine owning one of only a limited number… Imagine the price going up!!!
But no, it is just a virus, being cleverly introduced to your PC, and once it is there, the whole machine is compromised. Keyloggers then be present on the machine, meaning that anything that is typed in can then be relayed back to the hacker. This includes credit card details and passwords. Best not to get such a virus in the first place.
The best way to protect yourself when minting NFTs is to do tons of research about the mint. Know what time the drop is supposed to happen, and do not try to mint at any other time. Stealth drops are very unusual and are best avoided, most NFT launches are scheduled well in advance.
When accessing a minting site, it is best to do it through hyperlinks on Twitter or some other trusted source if possible. Google searches can sometimes be compromised with websites that look extremely similar.
Much of the details about the Pokémon fake mint can be found here. One point that is made in this article is that Pokémon and their creator Game Freak never made any mention of an NFT drop in the past. Doing your own research uncovers these things, and may just save your wallet or your PC…
