Art gallery owner Todd Kramer had his valuable NFT collection stolen from his hot wallet yesterday, so OpenSea froze the stolen assets worth about $2.2 million.
NFT marketplace OpenSea has frozen 16 Bored Ape and Mutant Ape nonfungible tokens (NFT) after they were reportedly stolen yesterday from a New York art gallery operator.
In total, one Clonex, seven Mutant Ape Yacht Club, and eight Bored Ape Yacht Club NFTs currently valued at about 615 ETH ($2.28 million) were stolen and are now not able to be traded on OpenSea.
The toddkramer.eth account, which links to the Ross+Kramer Art Gallery in New York, fired off a series of tweets detailing the 16 NFTs that were stolen from his hot wallet and pleading with OpenSea and the NFT community for help. While the NFT community was often unsympathetic to the trader’s plight, OpenSea froze trading on the stolen items.
@gidwellsoon @Tob_Opensea @j1mmy I have been hacked. Please Help
Ape 2771
Ape 6416
Ape 1623
Ape 1708
Ape 8214
Ape 7528
Ape 9988
Ape 9410Mutants 25057
Mutant 11177
Mutant 28752
Mutant 24718
Mutant 2436
Mutant 9278
Mutant 2434Clonex 6801
— toddkramer.eth (@toddkramer1) December 30, 2021
The freeze on buying and selling the NFTs have some traders decrying a lack of decentralization, one of the cherished aspects of the crypto industry. One Twitter commenter kw.sol said, “Who was able to freeze the n? Feels pretty anti crypto to be asking third parties to do this and ideally they shouldn’t be able to.”
Famed software engineer Grady Booch chimed in about the lack of decentralization in this case when he commented:
“Silly me. And here I thought that the code is the law and that one of the very ideas of cryptocurrencies was the elimination of any possibility of centralized intervention.
A hot wallet is a type of cryptocurrency software wallet that is connected to the internet — most commonly MetaMask — whenever the device it is installed on is connected.
Kramer tweeted that he lost his collection through a phishing scam that gained access to his hot wallet after he clicked on a malicious link. He deleted the tweet following the harsh vitriol in the comments. Kramer most recently tweeted on Dec. 31 that he was surprised by the reaction:
Twitter is ruuuuuuthlesssss
— toddkramer.eth (@toddkramer1) December 30, 2021
While Kramer has little recourse in retrieving the stolen NFTs, his experience highlights the importance of sound operational security (opsec) as a cryptocurrency trader or NFT collector. He said that he has learned a lesson about opsec in handling valuable cryptocurrency when he tweeted yesterday:
“Lessons learned. Use a hard wallet… “
A hard wallet, otherwise known as a cold wallet, is a crypto wallet that does not connect to the internet until manually plugged into a computer and then each transaction needs to be approved using physical buttons. Hard wallets are a superior measure over hot wallets to secure crypto assets.
Kramer’s ordeal is not a unique experience to NFT traders, especially those familiar with the Bored Ape Yacht Club collection.
On Dec. 26, NFT collector bergpay.eth said he suffered a similar fate to Kramer when 5 Jungle Freaks and 2 Sandbox NFTs were stolen from his Ethereum wallet and his ENS domain was transferred to a new address.
On Nov. 30, Twitter account friesframe summed up the frustration that can overcome an NFT owner if they find that their favorite items have been stolen from their hot wallet.
OpenSea has not frozen either bergpay’s or friesframe’s NFTs yet.