NFTs, digital art pieces. With all criminal consequences

NFTs, digital art pieces. With all criminal consequences

On the 14th of May 2021, the Uffizi Gallery in Florence has created (“minted” in the jargon) and sold its first NFT: the digitised image of the masterpiece of Michelangelo “Doni Tondo”.

The physical painting is still in the Gallery, but a woman in Rome bought its digital representation for $ 170,000. The NFT had a certification of authenticity signed by the museum’s director Eike Schmidt. Is it only an “authenticated” image or much more? The question has been lurking in cyberspace for years, and criminals take advantage of it.

What are the NFTs?

The NFTs (Non-Fungible Tokens) are digital assets. Like cryptocurrencies, a blockchain records their ownership and authenticates them. Every transfer (trading, sale or purchase) is registered and verified within a smart contract.

Unlike cryptocurrencies, they are non-fungible. A unit of bitcoin has the same value and form as another. NFTs are not interchangeable because they have different authentication numbers, contracts, and ownership receipts.

The NFTs are the digital representation of a unique good. The item represented could be everything: a tweet, an SMS, a photo, a painting. The NFT creates a virtual token of this item.

Scarcity vs Right-Click Mentality

Like a canonical piece of art, an NFT is unique. So, NFTs introduced the concept of scarcity in the digital realm, giving more value to each token. Some artists saw the NFT finally as a profitable way to sell their works.

However, not all people agree. NFTs are commonly representing unique videos, images, and GIFs. For example, an NFT could be the digitised representation of the illustration of an ape. But if this illustration of the ape is unveiled, everyone seeing it on the internet can “right-click” and save it on its device.

A debate is open. Someone thinks buying an NFT makes you the actual “owner” of the connected image through a receipt. Others don’t see any difference between getting a certificate of authenticity or storing a JPEG file on their computer without buying it.

They are positions touching the core of the art in general: the authenticity, the work of art in the age of digital reproduction, paraphrasing the German philosopher Walter Benjamin.

NFT Cybercrimes and other crimes

Today, NFTs are essentially speculative assets. And as of that, they are subject to a series of crimes.


As unique pieces of art, they are subject to traditional “art crimes” despite being made with digital means:

  1. sell fake: hackers can sell an unauthentic copy of an NFT; or scammers can promote NFTs as if the creator is a different person, such as a real artist;
  2. money laundering: the value sent to NFT marketplaces by illicit sources crossed $ 1.4 million in the fourth quarter of 2021, according to the company Chainalysis;
  3. insider trading: in September, an employee at the NFT marketplace OpenSea (where NFTs are sold) used some information to buy NFTs before the promotion on the website;
  4. Copyright exploitation: the ownership of an NFT doesn’t equate to owning the copyright or granting any rights to the intellectual property underlying the NFT. In November, the Hollywood studio Miramax filed a lawsuit accusing the director Quentin Tarantino of copyright infringement. Tarantino wanted to sell NFTs based on the screenplay for his movie “Pulp Fiction” (1994). The studio asserted it held broad rights to the film.


NFTs are subject to more specific cybercrimes (hacking, rug pull, wash trading) as digital assets.

Hacking accounts

NFT accounts are digital wallets where the NFTs owned are stored. In March 2021, the NFT marketplace Nifty Gateway informed that some users experienced irregular access to their accounts (hacking), probably after stealing their passwords. Some NFTs were stolen, others were purchased and then stolen using stored credit card information.

Several compromised users could recover their losses, despite when a smart contract executes an NFT transfer, it shouldn’t reverse it. To avoid problems like these, someone proposed introducing a registry of stolen or fraudulently purchased NFTs.

The Rug Pull

A frequent cybercrime is the rug pull. The creators of an NFT artworks collection advertise their tokens to sell them, proposing a path for developing the artistic project. In the case of rug pull, they shut down the project when they gain some money, making away with investors’ funds.

The last astonishing case happened last January. The creators of Frosties, a digital collection of colourful ice-cream-scoop characters, disappeared with $ 1,2 million earned with the scam project. The list of rug pulls is broad, and it will be longer and longer.

It’s difficult to recognise a dishonest project from a trustful one. Scammers, too, manage consistent social network profiles, give detailed information about the tokens, and create active chat groups on Discord (an application mainly used for NFT communications).

Wash Trading

Another regular practice is wash trading. Creators of an NFT execute a transaction where the seller and the buyer are the same person. Scammers sell and buy the token with the same money, intending to make the asset’s value look higher than the real one. Then, they can resell the NFT to an external user stating that the token has been previously sold at a conspicuous price.

According to statistics on NFT ecosystems, reported by an article in “Nature” published in 2021 (“Mapping the NFT revolution“), the top 10 % of traders alone perform 85 % of all transactions. In 2021, the company Chainalysis identified a group of 262 users that sold NFT to a self-financed address more than 25 times. Most NFT wash traders have been profitless. But “successful NFT wash traders profited so much that, as a whole, this group of 262 profited immensely overall”.

NFT chainalysis

The Tulip Mania

In March 2021, the journalist Scott Reyburn in the “New York Times” asked if NFTs are the “Next Frontier in Trading or a new form of Tulip”. In the XVII century, a bubble in the Netherlands made soar and made crash the price of the tulip within a month: the bulb value fell by 95 % in a few weeks. Tulip Mania became a “byword for the irrationality of financial bubbles”.

The article divulged some words (about the NFT project “B.20“) by Michael Moses, the founder of Mei-Moses, a database of auction sales. “Value is something incorporated over time, not added instantly,” he said.

With NFTs, purchasing is like gambling. You don’t know how much the tokens could value, and you have no idea of the future prices of the tokens. An unregulated and unpredictable market fit for scams and frauds.