OpenSea, a nonfungible tokens (NFT) marketplace, has frozen 16 Bored Ape and Mutant Ape nonfungible tokens (NFT) after allegedly being taken from a New York art gallery operator yesterday. One Clonex, seven Mutant Ape Yacht Club, and eight Bored Ape Yacht Club NFTs were taken in total, with a total value of 615 ETH ($2.28 million). In addition, they are no longer available for trading on OpenSea.
The toddkramer.eth account, linked to the Ross+Kramer Art Gallery in New York, sent out a series of tweets revealing the 16 NFTs stolen from his hot wallet and begging for assistance from OpenSea and the NFT community.
The lawsuit follows from the filing of two similar complaints have been filed against OpenSea, one filed in federal court in Nevada and another in a Texas federal court, with both centering on the alleged theft of Bored Ape NFTs from the OpenSea platform in the wake of the January 2022 phishing attack and both generally accusing the platform of failing to maintain “common sense and reasonable security measures” to protect users from fraud and from the sale of stolen NFTs.
The enduring rise in claims of phishing and theft of high-value NFTs also comes as headline-making deals are coming into fruition in the NFT space. BAYC creator Yuga Labs, for instance, acquired the IP of the CryptoPunks and Meebits NFT collections from Larva Labs, another giant in the digital assets space, in March.
I been hacked, all my apes gone,” he Tweeted.
A hot wallet is a type of cryptocurrency software wallet that is connected to the internet — most commonly MetaMask — whenever the device it is installed on is connected.
NFTs are cryptographically unique digital tokens that prove ownership of physical or digital content such as art, GIFs or music file. Bored Ape Yacht Club is one of the most popular PFP (profile picture) collections, a series of cartoon ape images with randomly-generated attributes.
Some people have argued that appealing to a third party to freeze NFTs went against the core idea of decentralization, one of the cherished aspects of the crypto industry.
Among many others voicing out their criticism towards the lack of decentralization, famed software engineer Grady Booch chimed saying, “silly me.
Vasile claims that OpenSea “continued to operate, risk[ing] the security of its users’ NFTs and digital vaults in order to continue collecting 2.5 percent of every transaction uninterrupted.”
The “proximate result” of OpenSea’s failure to take action, per Vasile, was the loss of his NFT, which has “significant value” thanks to its rarity compared many of the 10,000 NFTs in the BAYC collection. According to the lawsuit, Vasile’s Bored Ape has a rarity score of is 71.44 and a rarity rank of #7589, making it “a highly desirable NFT, due to the rarity and certain characteristics (e.g., the Captain’s hat, colors, etc.).” Beyond that, Vasile states that he was actively deriving value from the NFT in the form of royalty revenues, as the Bore Ape at the heart of his NFT was licensed to “The Writer’s Room,” and therefore, generated royalties from fellow Bored Ape Jenkins the Valet.
Craig Wright and others have long since claimed that developers such as those involved in OpenSea, Blockstream, and others, are liable for things such as ignoring exploits that end up costing users.
Slowly but surely, the digital asset industry is waking up to the fact that the long arm of the law extends into the digital realm. Having possession of an item does not make it yours. As this Bored Ape NFT case will likely demonstrate, ownership of property is proven in real-world courts and not by having a certain item in one’s possession at a given time.
The most secure blockchain to develop on is BSV
Of course, it would be better if cases like this could be avoided in the first place.
Twitter is ruuuuuuthlesssss
— toddkramer.eth (@toddkramer1) December 30, 2021
While Kramer has little recourse in retrieving the stolen NFTs, his experience highlights the importance of sound operational security (opsec) as a cryptocurrency trader or NFT collector. He said that he has learned a lesson about opsec in handling valuable cryptocurrency when he tweeted yesterday:
Lessons learned. Use a hard wallet…
A hard wallet, otherwise known as a cold wallet, is a crypto wallet that does not connect to the internet until manually plugged into a computer and then each transaction needs to be approved using physical buttons.
Hard wallets are a superior measure over hot wallets to secure crypto assets.
Kramer’s ordeal is not a unique experience to NFT traders, especially those familiar with the Bored Ape Yacht Club collection.
Grady Booch, a known software engineer, mocked the situation by saying that his idea of cryptocurrencies involved the elimination of all sorts of intervention.
Kramer revealed that he lost his assets in a phishing scam where the hackers gained access to his wallet when he clicked on a suspicious link. However, after seeing the unsympathetic comments on his post, Kramer deleted the tweet and called Twitter ruthless. He stated in one of his tweets that he has learned his lesson because of the theft and is now aware of the diligence required for handling valuable crypto assets in a hard wallet.
The incidences of theft and frauds are not unfamiliar for the crypto and NFT industry.
Earlier an NFT collector named bergpay.eth lost five Jungle Freaks and two Sandbox NFTs in his Ethereum wallet.
He claims he did not put it up for sale.
OpenSea collects 2.5% of every transaction, and McKimmy claims it put collecting these fees above the security of its users’ NFTs. The lawsuit accuses OpenSea of breach of contract and negligence.
McKimmy also claims he repeatedly tried to bring the exploit to the attention of OpenSea.
Besides being rare and cool-looking, each BoredApe NFT token doubles as membership to an exclusive online hangout called the swamp club. When BoredApe YC launched in April, they sold out in a single day for just. The BoredApe Floating Club is a Collection of 2000 unique Floating Ape.
Constructed from nearly 150 Possible Traits Each Ape is unique with Features, Identities and Personalities Combined from many Different Categories..
NFT for 24.89 ETH ($81,363), a fraction of its value.” (The plaintiff contends that at some point prior to his NFT being stolen on January 26, 2021, it was listed for 135 ETH ($441,302).) Within an hour of the “forced sale at 24.89 ETH,” Vasile – who acquired the NFT in August 2021 for 12.65 ETH – states that it was then “resold to another user for 92.9 ETH.”
Despite having “full knowledge” that security issues were putting its platform and the tens of millions of NFTs listed on it at risk, Vasile alleges that OpenSea “did not properly inform its users and did not timely put adequate safety measures in place” leading up to or in the immediate wake of the widely-reported January 2022 phishing attack that reportedly cost OpenSea users millions of dollars in stolen NFTs, including more than one Bored Ape Yacht Club NFT.
Following an apparent phishing attack, OpenSea has frozen 16 Bored Ape and Mutant Ape nonfungible tokens (NFT) owned by New York-based art curator and NFT collector Todd Kramer a.k.a. Toddkramer.eth.
Kramer reported on Twitter that his collection of Bored Ape Yacht Club NFTs worth $1.9 million was “hacked” and stolen.
According to several reports, one Clonex, seven Mutant Ape Yacht Club, and eight Bored Ape Yacht Club NFTs currently valued at about 615 ETH ($2.28 million) were stolen and are now not able to be traded on OpenSea.
Kramer announced on Twitter that he had clicked on a link that appeared to be an NFT decentralized application, but it turned out to be a phishing attack and 16 of his NFTs were stolen after the hackers gained access to his hot wallet.
It would save a lot of grief and headaches, not to mention money in the form of fees, if developers launched their platforms and applications on secure blockchains that work within the law. Right now, only BSV fits that bill. Aside from its superior scaling capabilities and extremely low fees, BSV is the only blockchain on which actual NFT data is stored on-chain forever.
Ethereum supporters are seeing the value of writing data on-chain for social, gamefi and NFTs.
This is only possible on Bitcoin BSV. https://t.co/mHEehEdKdx
— Hector Lopez (@hlopez_) February 23, 2022
While NFTs on platforms like OpenSea are not stored on the Ethereum blockchain, on BSV, they’re stored immutably on-chain. What’s more, there’s an unbroken, time-stamped tamper-proof record or ‘log’ every time any digital asset changes hands.