Page 198 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 198
NFTS Are Cool but Dangerous
By Guy Rosefelt, CPO, Sangfor Technologies
NFTs have become very popular with collectors and are more ubiquitous every day. The idea of owning
a one-of-a-kind object even in the digital world is very attractive. The idea is not new as buying unique
items inside games has been around for decades. But artists and creatives of all types, be it painting and
graphics, music, photography, and even video can now create and sell unique works that cannot be
replicated.
First, I need to disclose I am not a huge fan of Non-Fungible Tokens (NFTs). Besides security issues,
they are being used by criminals for money laundering of cryptocurrency, and I do not see the value in
something that will immediately become worthless when the internet apocalypse happens and your NFT
wallet is no longer accessible. But that is just me. Until that happens let’s talk about the security issues.
Security issues include phishing scams to access crypto-wallets and steal NFTs, and selling counterfeit
items, but the issue I want to discuss is using NFTs to distribute malware.
VIA, a company that specializes in solutions for infrastructure and government, reported that they
discovered instances of malware being injected into NFTs and demonstrated how easy it is. It makes
sense as NFTs are normally media files that have historically been used to inject code or embed malicious
software that runs when open. All being an NFT does is verify that it is the only file of its kind using
198