Sunday, 3 April 2022

NFTs, crime, and mainframes


Collins Dictionary chose NFT as its word of the year in 2021. A non-fungible token (NFT) is a unique and non-interchangeable unit of data, eg a photo, video, audio file, or even a tweet that can be verified. By 2024, Gartner predicts that 50% of publicly listed companies will have some sort of NFT underpinning their brand and/or digital ecosystem presence.

You can think of NFTs as digital assets – something that can be bought and sold, but they really have no tangible form of their own. An example would be an image of two-year-old Chloe Clem, which was sold as an NFT in September 2021 for about $74,000.

Whereas a painting or sculpture might be considered to have a value because there is only one version of the original artwork, digital files can be copied many times. What makes NFTs special is that the artwork is ‘tokenized’ to create a digital certificate of ownership, which can be bought and sold.

In the modern world, Bitcoin (and other cryptocurrencies) are thought of as an alternative to traditional currencies, and NFTs are the alternative to traditional collectables. And, as everyone is warned when buying and selling things, the value can go down as well as up.

What’s to stop criminals copying the photos, or music, or whatever, and passing them off as their own? The answer is that a record of who owns what is stored on a shared ledger known as a blockchain. And that ledger is maintained by thousands of computers around the world.

So, blockchain is often called distributed ledger technology. Existing information can never be updated or deleted in or from a blockchain, only new information can be added. If two computers or nodes disagree about the contents of the blockchain, the version stored on the majority of the nodes or computers is used. A blockchain network can involve thousands of computers or nodes. That makes blockchain resilient, reliable, and available.

Enterprise blockchain applications can run on IBM Z mainframes, on z/OS or on a Linux logical partition. In fact, blockchain applications could access data in CICS, IMS, or Db2, using appropriate APIs

If blockchain runs on mainframes, and NFTs run in blockchain, mainframe users must be worried by all this talk about crime – and there does seem to be a lot of crime associated with NFTs.

According to an article in The Guardian newspaper in February, Lois van Baarle, a Dutch artist, found more than 100 pieces of her art for sale on OpenSea, one of the biggest NFT marketplaces. She hadn’t put any of them there. And she’s not the only artist affected.

It seems that the market for NFTs grew to an estimated $22bn last year. OpenSea has said: “It is against our policy to sell NFTs using plagiarized content”. The thing is that some artists are using NFTs as a way to earn money. However, criminals can ‘mint’ a digital file as an NFT, even though they don’t have the rights to it. And the process is anonymous by default.

Another criminal activity associated with NFTs is wash trading. This is where the same person is the buyer as well as the vendor. Why would anyone want to do that? The answer is to put up the apparent value of an NFT. In the past, it has mainly been associated with crypto-currency exchanges as a way to make it seem like sites have much higher trading volumes. If people connect their wallet to a platform, the wallet’s owner becomes very hard to identify. It’s only through blockchain analysis that transactions like this can be identified. One analysis found that most NFT wash traders have been unprofitable. However, where they have been profitable, those profits have been huge. Wash trading doesn’t seem to be covered by any laws at the moment, and there don’t seem to have been any prosecutions.

A third type of crime now associated with NFTs is money laundering. Basically, NFTs are purchased using ‘dirty’ money, and then sold at a later date. The money from the sale is now legitimate. That original purchase is made using an ‘illicit wallet’. An ‘illicit wallet’ is a wallet or crypto address associated with criminal activities such as ransomware, malware, hacks, scams, terrorist financing, sanctions, child abuse materials, fraud shops, and darknet marketplaces.

Lastly, the BBC website has reported that the UK tax authority has seized three NFTs as part of a probe into a suspected VAT fraud involving 250 alleged fake companies. According to HM Revenue and Customs (HMRC), three people were arrested on suspicion of attempting to defraud it of £1.4m. The authority said it was the first UK law enforcement to seize an NFT. It also warned others who thought they could use crypto-assets to hide money from HMRC.

The suspects were alleged to have used “sophisticated methods” to try to hide their identities including false and stolen identities, false addresses, pre-paid unregistered mobile phones, Virtual Private Networks (VPNs), false invoices, and pretending to engage in legitimate business activities.

HMRC said it had secured a court order to detain the seized crypto-assets worth about £5,000 and three digital artwork NFTs, which have not been valued, while its investigation continues.

Nick Sharp, deputy director economic crime, said: “We constantly adapt to new technology to ensure we keep pace with how criminals and evaders look to conceal their assets”.

Probably, none of these crimes have taken place on a mainframe, but this should still act as a warning to sites using mainframes for blockchain and NFTs to take care. Criminals are always on the lookout for new ways to make money from illegal activities.

No comments: