Hackers associated with the North Korean Lazarus Group are reportedly behind a massive phishing campaign targeting non-fungible token (NFT) investors.
Blockchain security firm SlowMist reported on December 24 that a North Korean Advanced Persistent Threat (APT) group used a series of tactics to separate NFT investors from their NFTs, including decoy websites masquerading as various NFT-related platforms and projects.
Examples of these fake websites include sites masquerading as projects related to the World Cup and sites masquerading as well-known NFT marketplaces such as OpenSea, X2Y2 and Rarible.
SlowMist said one of the tactics used was having these decoy websites offer “malicious mints,” which trick victims into thinking they are minting a legitimate NFT by connecting their wallet to the website.
However, the NFT is actually fraudulent, and the victim’s wallet is left vulnerable to the hacker, who now has access to it.
The report also found that many of the phishing websites operated on the same Internet Protocol (IP) address: 372 NFT phishing websites operated on a single IP, and another 320 NFT phishing websites were associated with another IP.
According to SlowMist, the phishing campaign has been ongoing for months, with the first domain name registered about seven months ago.
Other phishing tactics used included logging and storing visitor data on external sites and linking images to targeted projects.
After the hackers attempt to obtain the visitor’s data, they run various attack scripts against the victim, giving the hacker access to the victim’s access records, authorizations and plugin wallet usage, as well as sensitive data such as the victim’s authorization record and sigData.
All this information gives the hackers access to the victim’s wallet, exposing all their digital assets.
However, SlowMist stresses that this is just the “tip of the iceberg,” as its analysis only scratched the surface of the material and extracted only “some” of the North Korean hackers’ phishing signatures.
SlowMist Security Alert
North Korean APT Group Targets NFT Users in Massive Phishing Campaign
This is just the tip of the iceberg. Our thread only covers a fraction of what we’ve discovered.
Let’s jump in pic.twitter.com/DeHq1TTrrN
SlowMist (@SlowMist_Team), December 24, 2022
For example, SlowMist highlighted that just one phishing address gained 1,055 NFTs and 300 ETH, worth $367,000, through its phishing tactics.
It added that the same North Korean APT group was also involved in previous Naver phishing campaigns documented by Prevailion on March 15.
North Korea was at the center of various cryptocurrency theft crimes in 2022.
According to a news report released by South Korea’s National Intelligence Service (NIS) on December 22, North Korea has stolen $620 million worth of cryptocurrencies this year alone.
In October, Japan’s National Police Agency issued a warning to domestic cryptocurrency businesses to beware of North Korean hacking groups.




























