Scammers took over a Ferrari subdomain to sell impersonated NFT
Scammers took over a Ferrari subdomain to sell impersonated NFT collections, raising more than $800.
When accessing this domain on 5/5, users are introduced to a project called "Mint your Ferrari", with the introduction as the official project of the car company, selling NFTs with the power of "4,458 codes". force" on the Ethereum blockchain. Users are required to connect the website to a cryptocurrency wallet to make transactions.
Although the website is poorly designed and contains many typos, Ferrari's domain name has many users trust. Last year, Ferrari also announced a plan to promote the application of technology, including partnering with blockchain company Velas Network to issue proprietary NFTs. Thus, according to experts, the trick becomes convincing.
Before being discovered and removed from the website, the wallet of the scam project had collected about 800 USD worth of cryptocurrency and most of it was moved. This wallet address has been flagged by Etherscan.
Security expert Sam Curry, who first discovered the problem, said the scammer exploited a vulnerability in Adobe Experience Manager, which is used in Ferrari's system. From there, they take over the subdomain and carry out the scam.
Currently, the above subdomain is in a decommissioned state. Ferrari has not yet commented on this.
According to expert Curry, the recent multi-million dollar NFT deals have made this a favorite target for hackers and fraudsters, especially when many users are new to the market and inexperienced with keeping them safe. safe.
Before the Ferrari impersonation, many similar cases were also recorded. Since 2018, crooks have taken over Elon Musk's Twitter account and scammed $180,000 in digital currency. In 2021, a site impersonating Bitcoin.org lured users to deposit money to double their accounts, costing victims around $17,000.