Porsche abruptly cut its minting of a new NFT collection short after a dismal turnout and backlash from the crypto community, allowing threat actors to fill the void by creating phishing sites that steal digital assets from cryptocurrency wallets. NFTs are digital assets stored on a blockchain, representing proof of authenticity and ownership of an item, such as an artwork image, music, and anything that can take the form of digital media. The German automaker launched its first NFT mint last Monday, January 23, 2023, offering a digital replica of the iconic 911 car for 0.911 ETH, valued at about $1,500. Delays in the rollout of the collection caused frustration in the community, as only about 20% of the promised 7,500 NFTs had been minted after 24 hours and three minting waves. To make matters worse, a flourishing NFT resale market was set up over at OpenSea, where it was cheaper to buy the Porsche collectibles than get the original, which devalued the assets immediately and further infuriated investors and traders. Eventually, on January 24, Porsche announced they would stop the minting process and cut the supply until they figured out how to get the NFT debut right. The actual minting process didn't stop until January 25 at 6 AM UTC-5, giving scammers plenty of chance to leverage the confusing situation. While the Porsche NFTs rose in value in the coming days, so did the scale of fraudulent activity around the mint, with threat actors launching phishing sites to impersonate an ongoing Porsche mint. When users connected their crypto wallets to the phishing sites, they would attempt to drain the assets and funds in the wallets. This forced Porsche to warn on January 27 about fake accounts promoting the continuation of the NFT minting process to steal people's details and assets. Today, over a week after Porsche's failed NFT launch, several scammers continue to trick people looking to obtain custom digital 911 NFTs. BleepingComputer had found a notable case of a now-suspended Twitter account with almost 11,000 followers impersonating Porsche's NFT-dedicated account. While this account linked to Porsche's real Discord channel, it also linked to a malicious site that's visually a clone of Porsche's genuine NFT portal at Nft.porsche.com. While the actual site has a notice about the minting closure, the fake one pretends that the procedure is still underway, inviting users to link their wallets. The fake Twitter account had a pinned tweet saying that the remaining Porsche NFTs are now available to claim for free while also promising the renewal of the stock for the remaining community. The fake account had disabled user comments under all posts and even re-tweets posts of the real Porsche account, which made it easy to trick people into getting a digital 911 NFT while missing signs of fraud. The scam account was shut down today, with a previous one used by the same scammer appearing also to have been suspended. Other accounts are likely taking advantage of the Porsche Web3 snafu, so aspiring investors are advised to be extra vigilant.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 30 Jan 2023 22:59:02 +0000