New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


NFT Site Rarible Targeted in Typosquatting Campaign

Non-Fungible Tokens (NFTs) have become extremely popular as of late and have been making people a lot of money. Quite simply, NFTs are digital comps or artwork and other original production that are stored on cryptocurrency block chains. Threat actors have caught on to the value of these tokens and have begun taking advantage of the system. Sites such as Rarible where NFTs are sold has been a choice target for criminals. Instead of attacking the site itself they’re creating domains similar to the Rarible domain (typosquatting) and taking advantage of people who buy NFTs by tricking them into visiting the fake sites instead of the real one. These sites have various advertisements that attempt to get the potential victim to include all types of personal information. Since this is so new, it is likely to continue on for quite some time.

Analyst Notes

Trends like this are likely to continue and only get larger in the future as more people discover how much money there is to be made, threat actors included. When visiting any site, it is important to make sure the correct domain is being typed or clicked on. If the webpage is unfamiliar, do not include any personal information and attempt revisit the correct website. Companies should consider implementing a service like the typosquatting monitoring offered by the Binary Defense Counterintelligence team. We monitor domains that are similar to our clients’ domains and report any that could be used maliciously to them as they are received.