Many NFT marketplaces like OpenSea and Nifty Gateway are centralized. This means that a single organization controls the functions and activities of the marketplace. This can create significant security issues. First, these centralized marketplaces hold the private keys to the NFT assets on their platforms. Due to this, hackers can easily access the system and steal NFTs on the network. This recently played out on Nifty Gateway. Many accounts on the marketplace were compromised, and hackers were able to purchase NFTs and sell them for a profit.
Also, in December 2021, Vulcan Forged, an NFT marketplace, was compromised by hackers. The hackers used the platform to gain access to the private keys of about 96 wallets. This resulted in a loss of about $140 million.
There is also the risk of personalized hack attacks on these platforms. As a user, where you do not activate two-factor authentication, your account can easily fall prey to hackers that are looking for loopholes within the system. This could result in the loss of your crypto assets. For example, in March 2021, some Nifty Gateway users reported that their NFTs had been stolen from their wallets. Nifty Gateway investigated the hack attack and reported that the hackers carried out the attack on a small number of accounts that lacked any form of two-factor authentication.