one Ferrari website subdomain hacked and was used to sell a counterfeit collection of tokens that could not be counterfeited (NFTs), was allegedly marketed by the Italian automaker. The scam was discovered by security researcher Sam Curry, who was exposed last Thursday (5).
According to the expert, the attackers took over the “forms.ferrari.com” subdomain of the manufacturer’s official website. super sports carstaking advantage of a flaw Adobe Experience Manager your platform. The tool in question serves to manage content and digital assets.
After taking control of the page, cybercriminals began to disclose an allegation. token sale From the iconic automaker, it presents the product as a “4,458 horsepower NFT collection from Ferrari on the Ethereum network”. On the hacked website, the scam was called “Mint Your Ferrari”.
Very interesting: It looks like the scammers have found a subdomain takeover on “https://t.co/qb9JqK2oL9” and are using it to host an NFT scam. pic.twitter.com/6vKoxWegXp
— Sam Curry (@samwcyo) May 5, 2022
It is useful to remember that it is a manufacturer. luxury sports cars announced the launch of digital products in partnership with technology company Velas Network in December last year. However, the branded cryptographic assets of “Cavallino Rampante” have not started to be sold yet.
low collection
despite Ferrari NFT scam The perpetrators of the scam, which were on air for a short time, managed to attract at least one victim and raised around US$884, equivalent to R$4,500 at the current price. Money transferred to a person Ethereum wallet It was eventually suspended after reports of questionable activity linked to it.
ethical hacker and insect bounty hunter As soon as it discovered the scam, it alerted the automaker and made it possible to quickly remove the hacked page, which likely contributed to the low income of the cybercriminals. The hijacked subdomain is currently closed and HTTP error code 403.
So far, Ferrari has not commented on the scam.
Source: Tec Mundo
