Distributed data replication systems are more than just tools for redundancy—they’re fertile ground for creative abuse. In this talk, we explore how technologies like NFTs, IPFS, Codex, and Cloudflare R2 can become resilient C2 infrastructures, payload delivery systems, and phishing hosting that challenge takedown efforts. Welcome to the next phase of decentralized threats.
This sequel to “MFT: Malicious Fungible Tokens” explores how distributed data replication systems can be used for malicious purposes. We’ll demonstrate how technologies like Codex, WhenFS, IPFS, and Cloudflare R2 buckets can store and distribute C2 commands, payloads, and even phishing campaigns such as templates or client-side drainers. These systems enable infrastructures that are resistant to takedowns and, in some cases, nearly unstoppable. Through practical examples and live demonstrations, we’ll uncover the risks these systems pose and discuss their implications for security teams.
This talk is a continuation of "Everything is a C2 if you're brave enough" from Red Team Village and "MFT: Malicious Fungible Tokens" from Adversary Village, which explains how to turn NFTs into immortal C2 Servers. It is not needed to have attended these talks as a short recap will be featured.