Copy link
Increase text size
Decrease text size
Link copied

NFT users targeted by North Korean hackers in large-scale phishing operation

The phishing campaign has been going on for a while; the earliest registered domain name was roughly seven months ago.

Image by: Wikimedia Commons

Mon, 26 Dec 2022, 09:31 am UTC

Non-fungible token (NFT) owners are now being targeted by the hacker group Lazarus. The North Korean group is reportedly involved in a massive phishing campaign that involved nearly 500 phishing domains set up to dupe victims.

On December 24, the blockchain security company SlowMist published a report that outlined the tactics used by North Korean Advanced Persistent Threat (APT) groups to dupe NFT investors. One of the methods involved the use of bogus websites impersonating various NFT-related platforms and projects, according to Cointelegraph.

These fraudulent websites include one that presents itself as a project associated with the World Cup. There are also sites that mimic popular NFT marketplaces like OpenSea, X2Y2, and Rarible.

One of the strategies, according to SlowMist, is to have these fake websites offer "malicious Mints," which trick the users into believing they are minting real NFTs by linking their wallets to the website. The NFT is essentially a scam, and as a result, the victim's wallet is open to attack by the hacker who now has access to it.

The analysis also showed that a large number of phishing websites shared the same Internet Protocol (IP), with 372 NFT phishing websites sharing a single IP and another 320 NFT phishing websites using a different IP.

The phishing campaign, according to SlowMist, has been going on for a while; the earliest registered domain name was roughly seven months ago. Along with linking photographs to target projects, other phishing techniques utilized included gathering visitor information and saving it to external websites.

The hacker would then employ different attack scripts on the victim after obtaining the visitor's data, giving them access to the victim's access records, authorizations, use of plug-in wallets, and sensitive data such as the victim's approve record and sigData.

The hacker can then access the victim's wallet using all this information, exposing all of their digital assets. SlowMist stressed that this is simply the "tip of the iceberg," as the research only considered a small percentage of the materials and only "some" of the North Korean hackers' phishing characteristics.

For instance, SlowMist pointed out that one phishing address alone was able to steal 300 ETH ($367,000) and 1,055 NFTs using its phishing techniques. The firm also stated that the Naver phishing effort, which was originally reported by Prevailion on March 15, was carried out by the same North Korean APT group.

TokenPost | [email protected]

<Copyright © TokenPost. All Rights Reserved. >

  • Bitcoin (btc) $22,836.00 (-2.36%)
  • Ethereum (eth) $1,629.41 (-2.41%)
  • BNB (bnb) $325.12 (-3.38%)
  • USD Coin (usdc) $0.999802 (-0.07%)
  • XRP (xrp) $0.397847 (-3.29%)
  • Bitcoin (btc) $22,836.00 (-2.36%)
Jul 15, 2021 (Thursday)
13:30
BTC Surges by 1.16% Within 5 Mins, Marking 31,824.01 USDT
12:06
BTC Surges by 1.12% Within 5 Mins, Marking 32,104.8 USDT
10:25
BTC Drops by 1.03% Within 5 Mins, Marking 32,171.88 USDT
02:13
TriumphX Scouts 'MINAMCOMPANY' CEO Woo-Seong Lee As Creative Director
02:00
ETH Tops List Of Crypto Net Inflow With $298.96 Mln In Past 10 Hours
Jul 14, 2021 (Wednesday)
13:14
BTC Surges by 1.03% Within 5 Mins, Marking 32,738.08 USDT
09:03
BTC Surges by 1.01% Within 5 Mins, Marking 31,899 USDT
02:30
Crypto Market Sentiment On Jul 14: Market In "Extreme Fear"
02:00
ETH Tops List Of Crypto Net Outflow With $224.97 Mln In Past 10 Hours
Jul 13, 2021 (Tuesday)
02:30
Crypto Market Sentiment On Jul 13: Market In "Extreme Fear"
02:00
ETH Tops List Of Crypto Net Outflow With $178.61 Mln In Past 10 Hours
Jul 12, 2021 (Monday)
02:30
Crypto Market Sentiment On Jul 12: Market In "Extreme Fear"
02:00
BTC Tops List Of Crypto Net Inflow With $164.82 Mln In Past 10 Hours
Jul 11, 2021 (Sunday)
21:31
BTC Surges by 1.02% Within 5 Mins, Marking 34,475.6 USDT
10:00
ETH Tops List Of Crypto Net Inflow With $122.76 Mln In Past 18 Hours
06:17
SOBA Listed On LATOKEN
02:30
Crypto Market Sentiment On Jul 11: Market In "Extreme Fear"
02:00
BTC Tops List Of Crypto Net Outflow With $87.56 Mln In Past 10 Hours
Jul 9, 2021 (Friday)
21:40
BTC Surges by 1.08% Within 5 Mins, Marking 33,911.8 USDT
02:30
Crypto Market Sentiment On Jul 09: Market In "Extreme Fear"
Subscribe to the TokenPost newsletter!
Don't show me this again today.
Back to top
Copyright ⓒ TokenPost. All Rights Reserved.