
Cybersecurity

The rise of Non-Fungible Tokens (NFTs) has brought about a new frontier in digital ownership and digital assets. NFTs are unique digital assets that are stored on a blockchain, allowing for true ownership and scarcity. However, as with any new technology, there are security risks that must be taken into account. In this essay, we will explore the various NFT security risks and discuss how to mitigate them. We will focus on how to avoid monkey drainers when minting off a site, how to use the Wallet Guard browser extension to run simulations on transactions, how to make burner wallets with Phantom Wallet, how to tell if an NFT project is a rug, and what the best personal security practices are when exploring the world of NFTs.

MONKEY WALLET DRAINERS

One of the biggest risks when it comes to NFTs is the possibility of having your wallet drained, also known as "monkey draining," when minting off a site. This occurs when a hacker is able to trick you into signing away your wallet and transferring your funds to their own wallet. To prevent this from happening, it's important to check the URL of your mint page and use a hardware wallet to store your private keys. Hardware wallets are physical devices that are designed to protect your private keys from being stolen by hackers. They are considered to be the most secure way to store your private keys. Examples of hardware wallets include Ledger and Trezor.
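One way to automate the URL check described above, as an added example that is not part of the original page: it compares a mint link's hostname with the hosts a project has published through its verified channels and rejects common lookalike tricks. The host `mint.example-project.io` and the 0.85 similarity threshold are assumptions chosen for illustration.

```python
import difflib
from urllib.parse import urlsplit

# Assumption: hosts published by the project through its verified channels.
OFFICIAL_HOSTS = {"mint.example-project.io"}  # constructed placeholder
NEAR_MISS_RATIO = 0.85  # assumed similarity threshold for typo-squats


def normalize_host(url: str) -> str:
    """Return the lowercase ASCII (punycode) hostname, or '' if unusable."""
    try:
        parts = urlsplit(url.strip())
        if parts.scheme != "https" or not parts.hostname:
            return ""
        # .hostname drops any "user@" prefix, so userinfo tricks are ignored.
        return parts.hostname.rstrip(".").encode("idna").decode("ascii").lower()
    except ValueError:  # malformed URL or invalid IDNA label (UnicodeError)
        return ""


def classify_mint_url(url: str) -> str:
    """Compare a mint link against the official hosts and explain the verdict."""
    host = normalize_host(url)
    if not host:
        return "reject: not a well-formed https URL"
    if host in OFFICIAL_HOSTS:
        return "ok: exact match"
    if any(label.startswith("xn--") for label in host.split(".")):
        return "reject: punycode host (possible homoglyph lookalike)"
    for official in OFFICIAL_HOSTS:
        if official in host:
            return "reject: official name embedded in another host"
        if difflib.SequenceMatcher(None, host, official).ratio() >= NEAR_MISS_RATIO:
            return "reject: near-miss of official host"
    return "reject: unknown host"


# Constructed sample links; none of these hosts belongs to a real project.
SAMPLES = [
    "https://mint.example-project.io/claim",
    "https://mint.examp1e-project.io/claim",
    "https://mint.example-project.io.claim-now.example/",
    "https://mint.example-project.io@claim.example/",
    "http://mint.example-project.io/claim",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify_mint_url(sample):50} {sample}")
```
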

TRIPLE WALLET METHOD

The triple wallet method for blockchain wallets is a strategy that involves creating three different accounts within the same wallet. The first account is called the exchange wallet and is used exclusively for trading on a specific exchange, such as Coinbase. The second account is called the treasury wallet and is used to hold all of the user's assets that they want to protect. The third account is called the burner wallet and is used for temporary storage when engaging in potentially risky activities, such as minting NFTs from unknown sources.

🏛️The treasury wallet is used to hold all of the user's assets that they want to protect. This wallet should be linked only to the user's personal devices and should not be accessible from any other device. The user should use strong passwords and two-factor authentication to secure this wallet and should store the backup seed phrase in a safe location.

🏦The exchange wallet is designed to limit the amount of funds that are at risk in case of a security breach on the exchange platform. By keeping only the funds that are needed for trading on the exchange in this wallet, the user can minimize their exposure to potential losses. This wallet should be linked only to the specific exchange that the user is trading on and should not be used for any other purpose.

🔥The burner wallet is a temporary account that is used for a specific purpose and then discarded. This is a useful security measure because it allows you to separate your assets and minimize the risk of a hacker gaining access to all of your assets in one go. Phantom Wallet has a tool that allows you to easily create and manage burner wallets.

WALLET GUARD PC BROWSER EXTENSION

Wallet Guard: https://walletguard.app/

Video Demo: https://mobile.twitter.com/wallet_guard/status/1592895509643268098

Free anti-phishing extension for Chrome & Brave.

  • Prevents common forms of phishing via our algorithms

  • 90% of hacks begin with a form of phishing

  • Prevents interactions with malicious websites and dApps

Another way to protect your wallet from monkey draining is to use a browser extension like Wallet Guard. Wallet Guard is a browser extension that is designed to run simulations on transactions and alert you if there is a risk of your wallet being drained. It works by analyzing the destination address of a transaction and comparing it to a database of known phishing sites. If a match is found, Wallet Guard will alert you and prevent the transaction from taking place.

ZENGO PHONE APP WITH WEB3 FIREWALL

The only phone wallet available that has the same capabilities as Wallet Guard Browser Extension is luckily a very decent one. We do not recommend using this as your main wallet, but it is an excellent burner wallet for checking if something is safe on a phone.

Built-in Web3 firewall

REVOKE TOKEN ALLOWANCES

Regularly revoke token allowances from minting sites and other dapps to ensure that they no longer have access to your tokens.

  • ETH: https://revoke.cash/

  • SOL: https://famousfoxes.com/revoke
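To show what an allowance looks like on the Ethereum side before you sign it, here is an added example (not from the original page or from any of the tools it names) that decodes raw transaction calldata and classifies token approvals. The selectors are the standard ones for `approve(address,uint256)` and `setApprovalForAll(address,bool)`; the spender address, the sample calldata and the risk labels are constructed, and `approve` is interpreted as an ERC-20 call.

```python
# Well-known 4-byte selectors for token approval calls (ERC-20/721/1155).
APPROVE = "095ea7b3"               # approve(address,uint256)
SET_APPROVAL_FOR_ALL = "a22cb465"  # setApprovalForAll(address,bool)
MAX_UINT256 = 2**256 - 1


def assess_calldata(calldata_hex: str) -> dict:
    """Classify the approval risk of raw transaction calldata before signing."""
    raw = calldata_hex[2:] if calldata_hex.startswith("0x") else calldata_hex
    try:
        data = bytes.fromhex(raw)
    except ValueError:
        return {"risk": "unknown", "reason": "calldata is not valid hex"}
    selector, args = data[:4].hex(), data[4:]
    if selector not in (APPROVE, SET_APPROVAL_FOR_ALL):
        return {"risk": "unknown", "reason": "not an approval call"}
    if len(args) != 64:
        return {"risk": "unknown", "reason": "malformed approval arguments"}
    # Each argument is one 32-byte word; an address is the low 20 bytes.
    spender = "0x" + args[12:32].hex()
    value = int.from_bytes(args[32:], "big")
    if selector == SET_APPROVAL_FOR_ALL:
        if value == 0:
            return {"risk": "none", "spender": spender, "reason": "revokes operator"}
        return {"risk": "high", "spender": spender,
                "reason": "operator can move every NFT in this collection"}
    # approve(): interpreted as ERC-20 here. ERC-721 shares the selector, and
    # there the second word is a token ID rather than an amount.
    if value == 0:
        return {"risk": "none", "spender": spender, "reason": "allowance set to zero"}
    if value == MAX_UINT256:
        return {"risk": "high", "spender": spender, "reason": "unlimited allowance"}
    return {"risk": "medium", "spender": spender,
            "reason": f"allowance of {value} base units"}


# Constructed sample calldata; the spender address is a placeholder.
SPENDER_WORD = "00" * 12 + "11" * 20
SAMPLE_UNLIMITED = "0x" + APPROVE + SPENDER_WORD + "ff" * 32
SAMPLE_OPERATOR = "0x" + SET_APPROVAL_FOR_ALL + SPENDER_WORD + "00" * 31 + "01"
SAMPLE_REVOKE = "0x" + APPROVE + SPENDER_WORD + "00" * 32

if __name__ == "__main__":
    for sample in (SAMPLE_UNLIMITED, SAMPLE_OPERATOR, SAMPLE_REVOKE):
        print(assess_calldata(sample))
```
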

How to revoke Manually in Phantom Wallet

PERSONAL SECURITY

Be mindful of personal security when exploring the world of NFTs. This includes using strong, unique passwords for each account, being wary of phishing attempts, not sharing personal information or private keys with anyone, and keeping your devices and software updated to the latest version.

Using a virtual private network (VPN) like NordVPN is also recommended; this will encrypt your internet connection and protect your personal data from cybercriminals.

2-step authenticator apps and SMS authentication add more layers of security. Discord is a great example of this; make sure you have it enabled there.

SOCIAL ENGINEERING

Social engineering refers to the practice of exploiting human psychology to gain unauthorized access. In the world of NFTs, scammers may use social engineering techniques to trick users into getting hacked in one form or another. For example, a scammer may create a fake NFT giveaway that requires participants to connect to a drainer website to get the prize.

RUG PULLS

Be able to identify a "rug pull." A rug pull is when a project's creators suddenly or slowly withdraw all of the liquidity from a project, leaving investors with worthless tokens. To avoid falling victim to a rug pull, it's important to research the project and its team before investing. Check if the team has a history of successful projects, and look for red flags such as anonymous team members or lack of transparency. Trustworthy projects have a clear vision and a working product or prototype before mint. Also, look at the ratio of holders to supply. If a few whales hold the majority of the token, it is a good indicator of a honeypot that could turn into a rug.
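The holder-to-supply check above can be made concrete. This added example (not from the original page) takes a snapshot of holder balances, excludes addresses that are not real holders, and reports how much the largest wallets control and how few wallets it takes to hold a majority. The wallet names, balances and the `top_n=10` cut-off are constructed assumptions.

```python
def holder_concentration(balances: dict, exclude=(), top_n: int = 10) -> dict:
    """Summarise how concentrated a token or collection is among its holders.

    balances: address -> amount held (snapshot from an explorer export).
    exclude:  addresses that are not real holders (burn address, escrow).
    """
    held = [amt for addr, amt in balances.items() if addr not in exclude and amt > 0]
    total = sum(held)
    if total == 0:
        raise ValueError("no circulating supply after exclusions")
    ranked = sorted(held, reverse=True)

    # Smallest number of wallets that together hold more than half the supply.
    running, majority_holders = 0, 0
    for amount in ranked:
        running += amount
        majority_holders += 1
        if running * 2 > total:
            break

    return {
        "holders": len(ranked),
        "top_share": sum(ranked[:top_n]) / total,
        "majority_holders": majority_holders,
        # The red flag described above: a few whales hold the majority.
        "whale_controlled": majority_holders <= top_n,
    }


def sample_snapshots():
    """Constructed snapshots: one whale-heavy collection, one evenly spread."""
    whale_heavy = {"whale_a": 400, "whale_b": 250, "burn_address": 100}
    whale_heavy.update({f"wallet_{i}": 1 for i in range(250)})
    evenly_spread = {f"wallet_{i}": 1 for i in range(900)}
    return whale_heavy, evenly_spread


if __name__ == "__main__":
    heavy, spread = sample_snapshots()
    print(holder_concentration(heavy, exclude={"burn_address"}))
    print(holder_concentration(spread))
```
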

Airdrops and Giveaways

NFT giveaways are a common marketing tactic used by NFT platforms to increase the visibility and community acceptance of their tokens. However, scammers may also use giveaways to trick users into getting hacked. In some cases, scammers may create fake giveaways or airdrops that promise free tokens or NFTs to participants who unknowingly grant their permission to a scam. These scams may use social engineering techniques to make their offers seem more legitimate. Often they will impersonate a legitimate project or marketplace, but we warn that most airdrops are fake.

Fake White List Tokens

Fake whitelist tokens are another common scam in the NFT world. Scammers may create fake whitelist tokens that are designed to look like legitimate tokens but are actually worthless. These tokens may be airdropped to unsuspecting buyers who believe that they are getting in on an exclusive investment opportunity. It is important for NFT buyers to carefully research any project before investing, and to verify that the token is legitimate before assuming they have a White List Airdrop. The best way to do this is to look for official links and then scrutinize the project to establish it is not a rug pull. Use a burner wallet if you want to try it out.

How to "Burn" Fake or Unwanted NFTs and Tokens

To burn unwanted NFTs on the Solana network using Phantom wallet, you can follow a few simple steps. Firstly, select the NFT that you want to burn from the Collectables tab in your wallet. Then, click on the three dots located in the top right corner of the NFT's thumbnail image. From there, select "Burn Token". You will then be presented with a confirmation screen, which will ask you to double-check that this is the correct NFT that you would like to burn. It's important to note that burning an NFT is a permanent action that cannot be undone, so make sure you are certain before proceeding. Once you have confirmed your choice, the NFT will be permanently removed from your wallet.

Make SOL when you burn with SOL Incinerator

To burn an NFT on the Sol Incinerator platform, you need to visit their website and connect your Solana wallet. Once connected, you can select the NFT that you wish to burn and initiate the burning process. The amount of SOL that you can reclaim from burning an NFT varies.
