North Korean hackers are using almost 500 phishing domains to steal NFTs.

The hackers made fake websites that looked like NFT projects, NFT marketplaces, and even a DeFi platform.

Hackers with ties to North Korea's Lazarus Group are said to be behind a massive phishing campaign that targets investors in nonfungible tokens (NFTs). The campaign uses nearly 500 phishing domains to trick people into giving away their personal information.

SlowMist, a blockchain security company, released a report on December 24 that showed the methods that North Korean Advanced Persistent Threat (APT) groups have used to trick NFT investors out of their NFTs. These methods include putting up fake websites that look like different platforms and projects related to NFTs.

Some of these fake websites include one that pretends to be a World Cup project and others that try to look like popular NFT marketplaces like OpenSea, X2Y2, and Rarible.

SlowMist said that one of the methods was for these fake websites to offer "malicious mints," which trick the victims into thinking that they are minting a real NFT when they connect their wallet to the website.

But the NFT is a fake, and the hacker now has access to the victim's wallet, which leaves the wallet open to theft.

The report also showed that many of the phishing websites used the same Internet Protocol (IP). For example, 372 NFT phishing websites were linked to a single IP, and 320 NFT phishing websites were linked to a different IP.

SlowMist said that the phishing campaign has been going on for a while, pointing out that the first domain name was registered about seven months ago.

Other ways that phishing was done were by recording visitor information and saving it on external sites and by linking images to projects that were being hacked.

After the hacker was about to get the visitor's information, they would run different attack scripts on the victim. This gave the hacker access to the victim's access records, authorizations, and use of plug-in wallets, as well as sensitive information like the victim's approve record and sigData.

After getting all of this information, the hacker can get into the victim's wallet and see all of their digital assets.

But SlowMist stressed that this is just the "tip of the iceberg" because the analysis only looked at a small part of the materials and only got "some" of the North Korean hackers' phishing traits.

For example, SlowMist pointed out that just one of its phishing addresses was able to get 1,055 NFTs and 300 Ether, which is worth $367,000.

It also said that the same North Korean APT group was behind the Naver phishing campaign that Prevailion had written about on March 15.

In 2022, North Korea has been at the center of a number of thefts of cryptocurrency.

South Korea's National Intelligence Service (NIS) said in a report that came out on December 22 that North Korea stole $620 million worth of cryptocurrencies this year alone.

In October, Japan's National Police Agency warned the country's crypto-asset businesses about the North Korean hacking group and told them to be careful.

Comments

The economy of Malaysia is expected to slow down in 2023.

According to statements made by analysts on Thursday, the economy of Malaysia will slow down in 2023 as a result of adverse external conditions and a slowdown in internal demand. According to Xinhua news agency, the Maybank Investment Bank Research said in a research that it anticipates Malaysia's full-year growth to drop to 4 percent in 2023 from the growth prediction of 8 percent in 2022. This is mostly reflective of a moderation in domestic demand. As pent-up spending from the complete economic re-opening evaporates next year, the research house anticipates slower growth in private consumption. This will be compounded by the effects of high inflation and high interest rates on the cost of living and real disposable income. It also forecasts a slowdown in the expansion of private consumption, which is expected to be in line with the reduced allocation for government operating expenses in Budget 2023. In addition, it was said that the forecast for slower global economic developmen

7-Day Wait for Vote to Fix Compound CETH Market Bricked By Update

A recent governance proposal to update the pricing feeds of Compound, a decentralized lending platform, was hampered by a programming error. Although the Compound ETH (cETH) market has "temporarily halted" due to the coding fault, Compound Labs assured users that their money is not in danger right away despite the front end's malfunction. On August 31, Compound Labs revealed that the code error originated from Proposal 117: Compound Oracle Upgrade v3, which had just been put into place to upgrade the oracle contracts on the Compound protocol to a new version that uses Uniswap V3 rather than V2 for price feeds. Compound Labs stated that it intended to use Proposal 119: Oracle Update to return to the prior price feed in response to the cETH market briefly freezing. Despite being created less than an hour after Proposal 117 was carried out, the new proposal must now go through a seven-day governance process before it can go into effect. According to an update from OpenZeppel

After major averages extended their losses to start the week, stock futures continued their downward trend.

The stock market futures went in the opposite direction on Tuesday morning, falling after the Bank of Japan indicated that it will increase the yield target range. The Dow Jones Industrial Average futures market experienced a loss of 236 points, or 0.72 percent. Futures contracts for the S&P 500 and the Nasdaq 100 both had a decline of 1.05% and 0.86%, respectively. On Monday, ordinary trading on the Dow Jones Industrial Average resulted in a loss of more than 162 points, or around 0.5%. The S&P 500 had a loss of 0.9%, while the Nasdaq Composite dropped almost 1.5%. The stock market is currently on track to finish the month and the year with a loss, and investors' expectations for a Santa Claus surge are rapidly diminishing. There has been no sign of Santa Claus as of yet. Louis Navellier, the founder of the growth investing firm Navellier & Associates, once advised his clients to "buckle up." "One would want to think that all of the bad news has been rep

Search This Blog