Ape Theft Is an Expensive Way to Learn About Crypto’s Security Philosophy

People are losing their valuable NFTs to scams. Should platforms be held responsible?

By Will GottsegenLayer 2
AccessTimeIconJan 3, 2022 at 9:14 p.m. UTCUpdated Apr 8, 2022 at 1:50 a.m. UTC
By Will GottsegenLayer 2
AccessTimeIconJan 3, 2022 at 9:14 p.m. UTCUpdated Apr 8, 2022 at 1:50 a.m. UTC

Will Gottsegen was CoinDesk's media and culture reporter.

Last week, an NFT trader named Todd Kramer made a simple plea on Twitter.

“I been hacked,” he wrote. “All my apes gone. This just sold please help me.”

Kramer was referring to his cache of Bored Ape Yacht Club NFTs (non-fungible tokens) – now the single most valuable franchise of crypto collectibles. They’ll run you about $276,000, at the cheapest, and Kramer had eight of them, along with seven from a spin-off collection called the Mutant Ape Yacht Club, before his tokens were siphoned away in a phishing scam.

Almost immediately, Kramer’s “apes gone” post went viral.

This article is excerpted from The Node, CoinDesk’s daily roundup of the most pivotal stories in blockchain and crypto news. You can subscribe to get the full newsletter here.

NFTs already have a terrible reputation among the non-crypto crowd (which is to say, most people), thanks to their fraught relationship with the concept of “digital property rights” and the environmental impact of proof-of-work blockchains like Ethereum. More than a few brands have reneged on planned NFT drops after facing intense backlash on social media.

And while it’s not exactly surprising that the anti-NFT crowd would find a little schadenfreude in Kramer’s tweet, what’s more so is that crypto’s true believers – the kinds of people who are already immersed in NFTs – were equally derisive.

That’s because the culture of crypto places an outsize emphasis on personal responsibility. One of the nice things about banks and other centralized financial institutions is that they’re required to take certain steps to protect your money. Those protections can come in the form of deposit insurance and fraud protection, but also little security features like “forgotten password” mechanisms.

So-called “unhosted” crypto wallets like MetaMask ask users to keep track of their own private keys; if you lose them, there’s no way of getting them back. “Not your keys, not your coins,” goes one longtime crypto mantra.

There’s something inherently silly about having a significant chunk of your net worth (Kramer claims it was around $2.2 million) tied up in illiquid JPEG files. But for me, the “apes gone” controversy mostly speaks to a kind of widespread hypocrisy in the NFT market.

The billionaire Mark Cuban, who spent the first half of last year breathlessly championing DeFi (“decentralized finance”) programs and pumping his crypto investments in appearances on major TV news networks, made a similar plea last summer after some of his holdings went to zero. In a statement to Bloomberg, Cuban explicitly called for greater regulation of the crypto space. He was a lot quieter in the second half of the year.

Consumer protection laws, though they’re never perfectly conceived or enforced, exist for a reason. Saturated, unregulated markets like crypto are natural targets for scammers, and even the savviest traders can lose millions with a stray click.

OpenSea, the largest NFT marketplace, was able to halt trading on the stolen assets and flag them as having been involved in a scam. But because OpenSea is mostly just a front-end trading interface, and Bored Ape Yacht Club NFTs are hosted on the Ethereum blockchain, the company couldn’t actually return any of the tokens.

He did get some of them back, though. And ironically, the Twitter users dunking on Kramer may have played a crucial role, amplifying Kramer’s plea and rallying members of the Bored Ape community to help retrieve the tokens.

Kramer isn’t the first trader to lose his Bored Apes to a phishing scam. Another NFT enthusiast, Calvin Becerra, made a similar splash on Twitter after losing three tokens in November. He even wrote a note to the apes’ captors, asking to work out a deal for their safe return (he also listed the note as an NFT, naturally).

Accepting decentralized infrastructure means accepting these risks. If you’re going to advocate for a new, independent financial system – one without regulation, fraud protections and many of the other safeguards that help people hang onto their money – then there’s no point in appealing to centralized mediators when the system starts to work against you.

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Will Gottsegen was CoinDesk's media and culture reporter.

Trending

1
CoinDesk - Unknown
OpenSea Reports Email Data Breach

An employee at an outside contractor tasked with managing OpenSea email newsletters copied the list of customer emails and shared it with an outside party, OpenSea says.

CoinDesk - Unknown
2
CoinDesk - Unknown
Grayscale Sues SEC Over Bitcoin ETF Application Rejection

The SEC rejected Grayscale's application to convert its Grayscale Bitcoin Trust to an exchange-traded fund earlier Wednesday.

CoinDesk - Unknown
3
CoinDesk - Unknown
SEC Rejects Grayscale’s Spot Bitcoin ETF Application

Grayscale has said it was prepared for “all possible post-ruling scenarios."

CoinDesk - Unknown
4
CoinDesk - Unknown
Coinbase is Reportedly Selling Geo-Location Data to ICE

Watchdog group Tech Inquiry reported the new details about Coinbase’s three-year contract with the U.S. Department of Homeland Security.

CoinDesk - Unknown