Hackers Steal Gallery Owner’s $2.2M NFT Collection

A phishing scam drained New York-based art gallery Ross + Kramer Gallery's Ethereum wallet of 15 NFTs valued at a total of $2.2 million. The hackers also sold many of the haul, including four Bored Ape NFTs.
"I have been hacked. All my apes gone," Todd Kramer, the owner of the gallery, wrote in a now-deleted tweet on December 30. "This just sold please help me." reported ArtNews.
Bored Ape Yacht Club, #9410, 2021
Interestingly, while the supporters of blockchain technology celebrate and eulogize its decentralized system the same became trouble for Kramer, who couldn’t find legal means to get his NFTs back. Predictably, a lot of Twitter users teased Kramer for betting on an unregulated, decentralized system that would be unable to help him.
"Man, if only there had been some kind of regulating authority in place that could like insure your investments against theft and fraud," twitted one user.
Luckily for Kramer, the OpenSea NFT marketplace itself came to help him, which helped him coordinate with the buyers of his NFTs and get at least several of them back. "Update.. All Apes are frozen,,. Waiting for opensea team to get in,,,lessons learned. Use a hard wallet.." wrote Kramer in another Tweet, that also was deleted later.
But OpenSea's involvement also sparked controversy among users, where they criticized its involvement and decried the freezing of user accounts by the platform. Some also pointed out that OpenSea could only freeze its's own user’s ability to interact with the NFT, but those tokens could still be bought and sold elsewhere.
"We take theft seriously and have policies in place to meet our obligations to the community and deter theft in the wider ecosystem," wrote OpenSea to artnews in an email.
Since NFTs have witnessed a high jump in value in the last couple of years, phishing scams also have become more frequent to get them. Crypto and NFT holders can protect better themselves by using a hard wallet, also dubbed "cold wallet", which is physical and only connects to the internet when plugged in and engaged.