According to researchers, one of Ferrari’s subdomains was hijacked yesterday to host a scam promoting a fake Ferrari NFT collection.
What makes the scam particularly interesting is that the carmaker had announced plans to launch NFTs in partnership with tech firm Velas earlier.
The Ethereum wallet associated with the cryptocurrency scam appears to have collected a few hundred dollars before the hacked subdomain was shut down.
An NFT is data stored on a cryptocurrency blockchain that a digital certificate has signed to prove that it is unique and cannot be copied.
On Thursday, Sam Curry, an ethical hacker and bug bounty hunter reported seeing one of Ferrari’s subdomains forms.ferrari.com hosting a fake NFT (Non-Fungible Token) scam.
Last year, Ferrari had announced plans to launch NFT products in partnership with Velas, making this scam all very convincing.
The crypto scam titled “Mint your Ferrari” enticed visitors to buy NFT tokens, falsely touting that Ferrari introduced “a collection of 4,458 horsepower [sic] NFTs on the Ethereum network.”
Additional investigation revealed that attackers exploited an Adobe Experience Manager flaw to hack the subdomain and host their crypto scam.
root@rebcesp, a Twitter user, observed that the Ethereum wallet had collected a little over $800 ever since the scam went up. Etherscan has flagged the wallet address as reports of suspicious activity linked to the wallet.
Found this article interesting? Click here to read more exclusive content we post.