MFT Malicious Fungible Tokens
Mauro Eldritch, Cybelle Oliveira
DEF CON 32 Creator Stage · Day 1 · Creator Stage
In their DEF CON 32 talk, "MFT Malicious Fungible Tokens," Mauro Eldritch and Cybelle Oliveira unveiled a groundbreaking approach to command and control (C2) infrastructure, leveraging the inherent immutability and decentralized nature of **Non-Fungible Tokens (NFTs)**. While the title playfully references "Fungible Tokens," the core innovation presented centers entirely on NFTs as a resilient, "immortal" C2 mechanism. The speakers demonstrated how adversaries could embed malicious instructions within NFT metadata or the associated off-chain digital assets, creating a C2 channel that is exceptionally difficult to detect, blacklist, or take down using conventional methods.