Top-tier NFT marketplaces usually have a mechanism to prevent hackers from selling their stolen NFTs. For example, Opensea flags these NFTs as “under review for suspicious activity” to warn users not to buy them. Having flagged for suspicious activity dramatically impacts the hacker’s earnings from selling these NFTs, as users usually refuse to accept them.

However, the flagging mechanism takes time. It leaves a period for the hacker to quickly sell stolen NFTs at a vast discount. If the hacker fails to sell them on time, he still has many ways to liquidate them, as indicated in the following sections.

Immediately accept any available offer.

If the hacker is fortunate enough to find a fair offer on the stolen NFTs, they will undoubtedly take it to sell them for cash rapidly. Although there isn’t, he still has many other ways to liquidate his stolen NFTs.

In this case, the innocent offerer must be responsible for this fraudulent NFT. The offerer is forced to liquidate NFT using an alternative solution which may cause a considerable loss.

Use stolen NFTs as collateral to borrow ETH.

BendDAO is a leading NFT lending platform. You can put any supported blue-chip NFT, including the stolen one, as collateral to borrow ETH from the protocol. However, if BendDAO doesn’t support your stolen NFT, you can’t use it.

In BendDAO, you can borrow up to 40% of NFT’s floor price for BAYC and CryptoPunks NFTs. And up to 30% for other supported collections. For example, if BAYC’s floor price is 68.80 ETH, one can borrow a maximum of 27.52 ETH per NFT, which equals 40% of 68.80 ETH.

However, BendDAO may be out of liquidity. For example, on 9 November 2022, only 27.24 ETH was available to borrow for any BAYC collateral. As a result, a hacker gets 27.24 ETH instead of the maximum 27.52 ETH liquidating his stolen BAYC NFTs.

After hackers have liquidated their stolen NFTs by borrowing ETH out of BendDAO, they will run away. They are leaving collateralized NFT as a bad debt for which the BendDAO protocol must take responsibility. Consequently, a cascading liquidation event is likely to happen, forcing BendDAO to enter a liquidity crisis event just like in the second half of 2022. Significantly affect not only the NFT market but also the overall market, as seen in the news.

Although hackers can liquidate their stolen NFTs using this solution, it may not be ideal since hackers get a 60% lower price than selling them in the marketplace. However, it is better than nothing. Let’s discuss the next solution.

Sell NFT in an NFT’s liquidity pool, such as NFTX.

NFT marketplaces usually match NFT in an order book fashion. The reason is that NFTs are created differently. Different NFTs in the same collection may have a different values. However, a solution exists that adopts the liquidity pool system to match buying and selling of NFT. A leading one is NFTX.

There must be liquidity sources for NFTX to function. To stake into the liquidity pool, follow these three procedures:

1. Contribute your NFTs to the pool in exchange for an ERC-20 liquidity token representing a portion of your NFT ownership. We will use Cryptopunk as an example so that you will get a PUNK (ERC-20) token in return.
2. Pair recently earned liquidity tokens (PUNK) with ETH in the Sushiswap pool.
3. Stake the Sushiswap PUNK-ETH LP token into the NFTX vault to earn the yield.

However, some NFTs don’t have enough liquidity; BAYC is one among these. In this situation, these NFTs may not be able to be sold or may do so at a significant loss.

With enough liquidity, hackers can immediately sell their stolen NFTs at a great price. The more liquidity it has, the price is closer to the actual floor price.

There is proof that hackers actively use NFTX to liquidate their stolen NFTs. For example, picking one of the selling MAYC NFTs, you will likely see the “Reported for suspicious activity on Opensea” warning.

Convert a stolen NFT to a new one

This option doesn’t currently exist. However, new ideas are coming to the NFT ecosystems so that you may able to compose blue-chip NFTs to make a new one in the future. The newly created NFT is fresh. You can take this opportunity to immediately sell your freshly created NFT quickly before it gets flagged.

The closest one nowadays is Artgobbler. It utilizes a unique way to let artists draw into a blank page and feed it into the gobbler to create a unique gobbler with provided art in its stomach. If it uses blue-chip NFTs to feed to the gobbler instead, hackers can use this method to wash their stolen NFTs.

Summary

Stolen NFT will be flagged as suspicious by top-tier NFT marketplaces such as Opensea. However, the flagging process takes time, so the hacker can quickly sell his stolen NFT before it gets flagged. If the hacker is lucky enough to have a fair offer, he will accept it instantly. If there isn’t, the hacker can still liquidate his stolen NFTs by using them as collateral to borrow ETH or selling it into a liquidity pool. Hackers will be selling them at the worst price but better than zero.