Ferrari subdomain hacked for NFT scam

A subdomain of the car brand Ferrari was hacked last week. According to security researchers, hackers tried to misuse the domain name for an NFT scam. Security officers quickly discovered the vulnerability, which resulted in the attackers taking only a few hundred dollars.

That writes BleepingComputer.

Here’s what you need to know about NFTs

Ethical hacker and security researcher Sam Curry discovered last week that hackers managed to take over the forms.ferrari.com subdomain. With this domain name, the perpetrators tried to set up a scam with NFTs.

An NFT or Non-Fungible Token is simply nothing more than a digital certificate that you own a file. This proof or right of ownership is stored in a kind of digital cash book, also known as the blockchain.

The blockchain is not centrally controlled but is decentralized. This means that several parties can confirm the ownership of an NFT. In this way, everyone knows who is the owner of an NFT and manipulation is not possible.

Ferrari’s plans to offer NFTs

“Why would Ferrari have anything to do with NFTs?” you may ask. The link between the Italian car manufacturer and NFTs is definitely there. Last year, Ferrari announced that it would launch NFT products together with tech company Velas. Ferrari CEO Benedetto Vigna called NFTs “an interesting area” for the company. He did not provide further details about the plans.

The fact that Ferrari asks followers on one of its subdomains to ‘forge a Ferrari’ may seem reliable to loyal fans after last year’s announcement. According to the report, the maker of fast and luxury cars would have “a collection of 4,458 horsepower of NFTs on the Ethereum network”.

Vulnerability was the cause of hack attack

In reality, there was no Ferrari NFTs at all, but it was nothing more than a ruse to extort money from gullible aficionados of the Italian car brand. The hackers did not become really rich with it. According to security researchers, the perpetrators made only $800 from their scams.

Further investigation shows that the hackers exploited a vulnerability in Adobe Experience Manager. The leak was immediately sealed by the Ferrari security staff. Whoever visits the subdomain now will see a 403 error. Certain pages are then closed to visitors.

NFTs interesting for hackers

NFT trading is a fairly recent phenomenon, which first really took off in 2021. Experts believe it will take off in the near future. Hackers eagerly capitalize on these kinds of predictions. The NFT scams with Ferrari prove that.

Parties that trade NFTs are regularly targeted by unscrupulous hackers. At the beginning of this year, OpenSea, the largest NFT marketplace on the internet, was hit by a phishing attack. 17 users lost their NFTs as a result. The damage was estimated at more than $1 million.

Catch up on more articles here

Follow us on Twitter here

Popular

Must read

MORE ON THIS TOPIC:

Related Posts