What are bots?
Bots are software programs that perform automated, repetitive, pre-defined tasks that imitate or replace human behavior. They operate much faster than people and can be active 24/7. Today, “bots are the worker bees of cyberspace and influence everything that is done online.”
Good bots conduct useful tasks. It is estimated that up to half of all internet traffic today is made up of computer bots conducting tasks like automating customer service and assisting with search engine optimization. Bots are “bad” when tasked to perform criminal activities like click fraud, data theft and scams.
With non-fungible tokens (NFTs) becoming a billion-dollar business, bad bots have become like invasive weeds in the NFT ecosystem, used legally and illegally for personal advantage. Whether a creator, collector or investor, there are many ways bots are used today to separate you from your cryptocurrency and, worse, your NFTs. Here are a few.
Inflated Interest and Demand
Twitter and Discord are key social platforms used by NFT creators to generate interest in their collections and by collectors and investors to determine interest in and demand for NFTs. The platforms are also used to gather information on the team behind a collection: are they real people or are they “anonymous”?
Today, with the right skills, a Twitter bot can be created and deployed in a matter of minutes. Originally, these social media bots were used to remove much of the workload needed to maintain a 24/7 presence on the platform. Now they are typically used for fake accounts with fake personalities and are run by programming language or partially by humans and or by click farms. These bots can do what a person can do: create a profile image, tweet, respond, follow, like, add followers, etc.
Is the account following, hawking, or otherwise endorsing a NFT a bot? Officially, Twitter estimates that 5% of its accounts are bots. With 350 million active users that is 17.5 million potential bot accounts. Dan Woods of cybersecurity firm F5 suggests that more than 80 percent of Twitter accounts are “probably” bots. Honestly, it’s anyone’s guess. That said, there is “massive” room for misinformation regarding actual Twitter engagement on accounts, including those promoting NFTs.
Where there is significant apparent demand, as indicated by the number of Twitter followers, a short window can be created to sell and flip non-fungible tokens. It fosters a “fear of missing out” (FOMO) on scarce tokens and encourages investors and collectors to buy the initial drop or early in the secondary market. Where there is no true strong demand, aka “pump and dump,” there is no robust secondary market for buyers to sell and the floor price falls on their NFTs.
Collector and investor tip: follow collections of interest on Twitter but do not let it be the sole source of information gathered on the collection and the creators. Creator tip: do not rely solely on Twitter followers to gauge demand for your drop. Consider allow-listing your collection to get a better handle on true demand.
Crypto and NFT Theft
Discord is a popular community-based platform used by NFT creators. To make management of their servers easier, Discord encourages the use of bots. For example, one Top 3 Discord bot is MEE6 that is used for server management. It lets administrators welcome new users while kicking out those violating server rules.
The problem is that some bots have vulnerabilities that can be exploited. In the case of Discord, some of the popular bots have been hacked. The MEE6 bot’s vulnerabilities, for example, have been exploited to compromise an administrator’s ability to automatically give and remove roles and send messages to the community.
The chief way these bots and the Discord communities are exploited is when hackers find a way to present themselves as Discord channel administrators. In one instance, they also found a way to keep the true administrators out of the channel until the hack was concluded.
Most NFT buyers join or follow popular Discord channels because they suffer from FOMO and want to be first in line for any new promotions or drops delivered by the creators of a collection. It is exactly this FOMO that hackers target. Posing as a channel administrator they announce a promotion that is active for a limited time and the community member must present their wallet (for the gas fees) to take advantage of it.
Most hackers are in it to collect cryptocurrency from these phantom gas fees. Some, however, are also effective sending commands to the connected wallet enabling them to empty the wallet of valuable NFTs.
In June 2022, attacks linked to NFT minting scams deployed through compromised Discord accounts increased by 55% in comparison to May 2022. Over 100 reports of Discord channel hacks were filed during this time and the NFT community lost an estimated $22 million due to these hacks. Even the largest and most professionally managed Discord servers were hacked. It was reported that in June 2022, the Bored Yacht Ape Club community was hacked not once but twice. (TRM Labs)
Creator tip: be strategic in the use of Discord. Use it to facilitate community and share “free” content while warning against connecting wallets and sending cryptocurrency for surprise promotions. Find other off-platform ways to communicate and initiate new drops and promotions. Place your community’s interests first.
Collector/investor tip: Ask yourself, when chasing a promotion due to FOMO, is it worth the potential cost of lost crypto, stolen NFTs, or the hijacking of your wallet’s address that is then used to spam others?
For this reason — compromised Discord servers — new independent and institutional creators (brands) are skipping this resource altogether.
The beauty of bots is that they can be programmed to perform repetitive tasks 24/7 and do them much faster than an actual person. That includes buying, selling, and trading NFTs. NFT-targeted bots can place an order the moment a sale starts; can calculate, and pay gas fees that place them at or near the front of the line; can make the sale from different IP addresses circumventing restrictions on quantity; can discern and target potentially-higher value rarities; etc. The result is that buyers using bots can hijack a popular sale, making the NFTs scarcer and costlier.
In the short-term they win through inflated prices in secondary sales. Longer-term they benefit from the price accretion that results from holding a scarce and in-demand asset. Meanwhile, the other unwitting participants spend a significant amount of crypto on gas fees for NFTs that they are not able to mint; and must pay significantly higher prices for the asset in the secondary market.
Time Magazine’s launch of its initial NFT collection fell apart due to scalper bots. Scalper bots snatched up the collectibles in minutes and caused ether “gas” (transaction) fees to increase across the entire Ethereum blockchain network.
The Genesis Collection, 4,676 NFTs each tied to a unique digital art piece and a subscription for the Time Magazine website were to be sold at about USD $310 in ETH (ether) on a first come, first-serve basis, with a 10 NFT limit. This limit was established to prevent mass buying from scalper bots.
This attempt to thwart scalper bots failed with all the NFTs purchased in a matter of minutes. Hours later the prices on the secondary market skyrocketed with the lowest available price (aka floor price) of USD $9500 (a 30x markup).
On the Ethereum blockchain one can pay a hefty gas fee to get to the front of the line for transaction processing. Virtually all the successful purchasers in the minutes-long sale period paid massive gas fees. In fact, one purchaser of ten TIMEPieces for $3,000 paid more than $60,000 in line-jumping transaction fees.
The sale had an impact on the entire Ethereum network with gas fees increasing by as much as six times their price on the morning of the sale and were up for about an hour until the bottleneck cleared.
Strategically, as a creator, you do not want the ill-will generated by having potentially thousands of fans failing in a sale that benefits bot-enabled buyers. A solution is the “allow list” enabling early screening, registration and NFT purchases. Have a democratic list, if you are a creator; and seek to be added to one if you are a collector or investor.
Bots run the internet. They are also an intrinsic and unavoidable element in the NFT ecosystem. Whether a creator, collector, or investor you can be strategic in your participation in the space to minimize the negative impact of “bad” bots on your bottom line. Learn how in the NFT Master Class (coming soon).