NFTs Emerging as the Next Enterprise Attack Vector

A recent malware campaign that targeted online artists with a lure of lucrative non-fungible token (NFT) projects is a good indication of how threat actors are capitalizing on the growing interest in digital goods – and that has implications for the growing number of corporate brands trying to ride the NFT wave too.

The campaign, observed by Malwarebytes researchers, involved messages claiming to be from the leaders of the NFT Cyberpunk Ape project. These were sent to digital art creators on online platforms such as DeviantArt and Pixiv, and they invited recipients to work with the people behind the Cyberpunk Ape project to create new NFT characters. They also promised them $350 a day as compensation.

A link in the message directed recipients to more information about the project. When users clicked on it, they were taken to a site that uploaded several images of monkeys purporting to be sample NFTs from the project. One of the images was an executable file which, when opened, infected the user’s system with an information stealer.

Malwarebytes said it observed several account holders on platforms such as Pixiv and DeviantArt complaining that their accounts were being used to spam others with messages about the same Cyberpunk Ape Executive NFT project. Malwarebytes said it could not confirm whether the information stealer itself was responsible for the account hacks or whether some other form of phishing was involved.

NFT-related cybercrime: a rapidly growing threat
The campaign is among a growing number of NFT-centric attacks, according to security researchers. Most of them, for now at least, are aimed at people working directly in the NFT space, says Chris Boyd, senior malware intelligence analyst at Malwarebytes. “However, as more mainstream companies adopt NFT projects or seek to get involved in blockchain, it will quickly become a concern in more traditional industries,” he predicts.

Analyst firms such as Gartner and Forrester are already predicting a world where NFTs will play a crucial role in business strategies over the next few years. Gartner included NFTs in its 2021 hype cycle for emerging technologies, and it described them as one of the technologies that could have the most significant impact on business and society over the next 10 years. The analyst firm expects NFTs to play a fundamental role in an emerging metaverse where organizations are trying to improve engagement, collaboration and connection with employees and others through immersive virtual workplaces.

Forrester has also pointed to organizations such as insurance company State Farm, which jumped into the NFT space with a football-themed scavenger hunt, as an example of how a growing number of companies are experimenting with non-fungible tokens.

Harvard Business Review earlier this year described companies’ initial efforts around NFTs as being focused on launching their own digital collectibles, such as Campbell’s Soup Art. HBR predicts that over the next few years, NFTs could become the “central digital touchpoint” between businesses and their customers.

A variety of attacks
Boyd says Malwarebytes researchers observe a variety of NFT and cryptocurrency threats daily.

“The most common attacks attempt to trick cryptocurrency enthusiasts into handing over the recovery phrase from their wallet,” he says. Users who fall for the scam often risk losing access to their funds permanently, he says. “Fake Airdrops, which are fake promotional giveaways, are also common and ask for recovery phrases or ask the victim to connect their wallet to malicious Airdrop sites,” he adds, noting that many fake Airdrop sites are imitations of real NFT projects. With small unverified projects around, it is often difficult to determine authenticity, he notes.

Oded Vanunu, Head of Product Vulnerability at Check Point Software, explains that what his company has observed through NFT-centric attacks is activity focused on exploiting weaknesses in NFT markets and applications.

“We need to understand that all NFT or crypto markets use Web3 protocols,” says Vanunu, referring to the emerging idea of a new internet based on blockchain technology. Attackers are trying to find new ways to exploit vulnerabilities in applications connected to decentralized networks such as blockchain, he notes.

Over the past few months, Check Point Research has observed attacks that attempt to trick the user into providing access to the NFT platform or wallet, and those that target vulnerabilities in the NFT marketplace to gain access to NFTs belonging to digital artists.

Check Point has also observed attacks involving the use of malicious NFTs to exploit platform vulnerabilities, Vanunu says. He says that organizations that hold NFT assets or crypto assets should be aware of these threats. Enterprise users accessing NFT marketplaces using their company-provided device could also put their organization at risk, he says.

The rise in NFT-centric scams also shows how attackers are taking advantage of new and relatively unknown attacks against victims, notes Hank Schless, head of security solutions at Lookout. Many buy NFTs with cryptocurrency without fully understanding the mechanics behind it, he says. For example, “people new to NFTs may not understand how to validate that the digital asset they are looking at is real,” he says.

Attackers can take advantage of this lack of knowledge to trick people into bidding on fake NFTs, for example. This can especially be a problem with more expensive NFTs, where a bidder or lead buyer can offer fragmented ownership of an NFT to a large group of buyers.

“These group buys are usually coordinated across social media platforms like Twitter, Reddit, and Discord, which give an attacker access to a large number of potential victims,” Schless explains. While most NFT scams continue to be consumer-focused, an attacker could easily use an NFT decoy to deliver malware to a corporate device and gain access to corporate data, he says.

Check Point’s Vanunu says it’s time for organizations to improve user awareness of NFT-centric threats. Organizations with an NFT platform or a crypto wallet must apply multi-factor authentication to access it, for one thing. He also recommends that they use two wallets: one that’s cold – or offline – to hold all the digital assets, and one just for trading with low amounts.

That way, he says, “if exploited, hackers won’t be able to hijack too much.”
