
North Korean hackers are using almost 500 phishing domains to steal NFTs.


The hackers made fake websites that looked like NFT projects, NFT marketplaces, and even a DeFi platform.

Hackers with ties to North Korea's Lazarus Group are said to be behind a massive phishing campaign that targets investors in nonfungible tokens (NFTs). The campaign uses nearly 500 phishing domains to trick people into giving away their personal information.

SlowMist, a blockchain security company, released a report on December 24 that showed the methods that North Korean Advanced Persistent Threat (APT) groups have used to trick NFT investors out of their NFTs. These methods include putting up fake websites that look like different platforms and projects related to NFTs.

Some of these fake websites include one that pretends to be a World Cup project and others that try to look like popular NFT marketplaces like OpenSea, X2Y2, and Rarible.

SlowMist said that one of the methods was for these fake websites to offer "malicious mints," which trick the victims into thinking that they are minting a real NFT when they connect their wallet to the website.

But the NFT is a fake, and the hacker now has access to the victim's wallet, which leaves the wallet open to theft.

The report also showed that many of the phishing websites shared the same Internet Protocol (IP) address. For example, 372 NFT phishing websites were linked to a single IP, and 320 NFT phishing websites were linked to a different IP.
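The shared-IP observation above is what lets a defender pivot from a few known lookalike domains to the rest of a campaign. The following is an added example, not code from SlowMist or the article: it groups constructed passive-DNS rows by IP and flags addresses hosting several marketplace lookalikes. The sample domains, the documentation-range IPs, the allow-list of official domains and the function names are all assumptions.

```python
from collections import defaultdict

# Marketplaces the article names as impersonated; the official domains
# in the allow-list are an assumption of this example.
BRANDS = ("opensea", "x2y2", "rarible")
OFFICIAL = ("opensea.io", "x2y2.io", "rarible.com")
# Undo common digit-for-letter swaps before matching brand names.
LEET = str.maketrans("013457", "oleast")

# Constructed passive-DNS rows (domain, resolved IP). Domains are invented
# and the IPs come from the RFC 5737 documentation ranges.
RECORDS = [
    ("opensea.io", "192.0.2.10"),
    ("opensea-mint.example", "203.0.113.7"),
    ("x2y2-claim.example", "203.0.113.7"),
    ("rarib1e-drop.example", "203.0.113.7"),
    ("worldcup-nft.example", "203.0.113.7"),
    ("cat-photos.example", "198.51.100.4"),
    ("0pensea-airdrop.example", "198.51.100.9"),
]

def impersonates(domain):
    """Return the brand a non-official domain imitates, else None."""
    name = domain.lower().rstrip(".")
    if any(name == o or name.endswith("." + o) for o in OFFICIAL):
        return None
    for variant in (name, name.translate(LEET)):
        for brand in BRANDS:
            if brand in variant:
                return brand
    return None

def suspicious_clusters(records, min_hits=2):
    """Map each IP hosting >= min_hits lookalikes to its full domain set."""
    by_ip = defaultdict(set)
    for domain, ip in records:
        by_ip[ip].add(domain.lower())
    report = {}
    for ip, domains in by_ip.items():
        hits = {d: impersonates(d) for d in domains if impersonates(d)}
        if len(hits) >= min_hits:
            # Co-hosted names matched no brand but share the infrastructure,
            # so they are surfaced for analyst review.
            report[ip] = {"lookalikes": hits,
                          "co_hosted": sorted(domains - set(hits))}
    return report

if __name__ == "__main__":
    for ip, info in suspicious_clusters(RECORDS).items():
        print(ip, info)
```

The `co_hosted` list is the useful part of the pivot: a site with no marketplace name in its domain, such as a fake World Cup project, still shows up because it sits on the same address as the lookalikes.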

SlowMist said that the phishing campaign has been going on for a while, pointing out that the first domain name was registered about seven months ago.

Other phishing tactics included recording visitor information and saving it to external sites, and linking images to the projects that were being hacked.


After the hacker was about to get the visitor's information, they would run different attack scripts on the victim. This gave the hacker access to the victim's access records, authorizations, and use of plug-in wallets, as well as sensitive information like the victim's approve record and sigData.

After getting all of this information, the hacker can get into the victim's wallet and see all of their digital assets.

But SlowMist stressed that this is just the "tip of the iceberg" because the analysis only looked at a small part of the materials and only got "some" of the North Korean hackers' phishing traits.

For example, SlowMist pointed out that just one of the phishing addresses was able to get 1,055 NFTs and 300 Ether, which is worth $367,000.

It also said that the same North Korean APT group was behind the Naver phishing campaign that Prevailion had written about on March 15.

In 2022, North Korea has been at the center of a number of thefts of cryptocurrency.

South Korea's National Intelligence Service (NIS) said in a report that came out on December 22 that North Korea stole $620 million worth of cryptocurrencies this year alone.

In October, Japan's National Police Agency warned the country's crypto-asset businesses about the North Korean hacking group and told them to be careful.
