North Korean hackers are using almost 500 phishing domains to steal NFTs.

The hackers made fake websites that looked like NFT projects, NFT marketplaces, and even a DeFi platform.

Hackers with ties to North Korea's Lazarus Group are said to be behind a massive phishing campaign that targets investors in nonfungible tokens (NFTs). The campaign uses nearly 500 phishing domains to trick people into giving away their personal information.

SlowMist, a blockchain security company, released a report on December 24 that showed the methods that North Korean Advanced Persistent Threat (APT) groups have used to trick NFT investors out of their NFTs. These methods include putting up fake websites that look like different platforms and projects related to NFTs.

Some of these fake websites include one that pretends to be a World Cup project and others that try to look like popular NFT marketplaces like OpenSea, X2Y2, and Rarible.

SlowMist said that one of the methods was for these fake websites to offer "malicious mints," which trick the victims into thinking that they are minting a real NFT when they connect their wallet to the website.

But the NFT is a fake, and the hacker now has access to the victim's wallet, which leaves the wallet open to theft.

The report also showed that many of the phishing websites shared the same Internet Protocol (IP) address. For example, 372 NFT phishing websites were linked to a single IP, and 320 NFT phishing websites were linked to a different IP.
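The shared-IP finding above gives defenders a pivot: group observed domains by the address they resolve to and flag addresses that mostly host brand lookalikes. This is an added example, not code from SlowMist's report or the original article; the records, thresholds and the function name cluster_by_ip are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import date

# Brands the article names as impersonated; extend for your own watchlist.
BRANDS = ("opensea", "x2y2", "rarible")

# Constructed passive-DNS style rows (domain, resolved IP, first seen), using
# the reserved .example TLD and documentation IP ranges.
RECORDS = [
    ("opensea-claim.example", "192.0.2.10", date(2022, 5, 20)),
    ("x2y2-mint.example", "192.0.2.10", date(2022, 6, 2)),
    ("rarible-drop.example", "192.0.2.10", date(2022, 7, 15)),
    ("worldcup-nft.example", "192.0.2.10", date(2022, 11, 1)),
    ("opensea-airdrop.example", "198.51.100.7", date(2022, 8, 9)),
    ("rarible-free.example", "198.51.100.7", date(2022, 9, 1)),
    ("photo-blog.example", "203.0.113.5", date(2021, 1, 4)),
    ("recipes.example", "203.0.113.5", date(2021, 2, 8)),
    ("opensea-fans.example", "203.0.113.5", date(2022, 3, 3)),
]

def cluster_by_ip(records, min_domains=2, min_brand_ratio=0.5):
    """Flag IPs serving >= min_domains domains, mostly brand lookalikes."""
    by_ip = defaultdict(dict)
    for domain, ip, first_seen in records:
        name = domain.lower()
        # Keep the earliest sighting if a domain appears more than once.
        prev = by_ip[ip].get(name)
        by_ip[ip][name] = min(prev, first_seen) if prev else first_seen

    clusters = []
    for ip, domains in by_ip.items():
        lookalikes = sorted(d for d in domains if any(b in d for b in BRANDS))
        ratio = len(lookalikes) / len(domains)
        if len(domains) >= min_domains and ratio >= min_brand_ratio:
            clusters.append({
                "ip": ip,
                "domains": len(domains),
                "lookalikes": lookalikes,
                "earliest": min(domains.values()),
            })
    # Largest clusters first: the best pivots for blocklists and takedowns.
    return sorted(clusters, key=lambda c: c["domains"], reverse=True)

if __name__ == "__main__":
    for c in cluster_by_ip(RECORDS):
        print(c["ip"], c["domains"], c["earliest"], c["lookalikes"])
```

The third constructed IP is ordinary shared hosting with a single lookalike among unrelated sites, so the ratio check leaves it unflagged.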

SlowMist said that the phishing campaign has been going on for a while, pointing out that the first domain name was registered about seven months ago.

Other phishing techniques included recording visitor information and saving it on external sites, and linking images to the projects that were being hacked.

When the hacker was about to obtain the visitor's information, they would run various attack scripts against the victim. These gave the hacker access to the victim's access records, authorizations, and use of plug-in wallets, as well as sensitive information such as the victim's approve record and sigData.

After getting all of this information, the hacker can get into the victim's wallet and see all of their digital assets.

But SlowMist stressed that this is just the "tip of the iceberg" because the analysis only looked at a small part of the materials and only got "some" of the North Korean hackers' phishing traits.

For example, SlowMist pointed out that a single phishing address was able to obtain 1,055 NFTs and 300 Ether, worth $367,000.

It also said that the same North Korean APT group was behind the Naver phishing campaign that Prevailion had written about on March 15.

North Korea has been at the center of a number of cryptocurrency thefts in 2022.

South Korea's National Intelligence Service (NIS) said in a report that came out on December 22 that North Korea stole $620 million worth of cryptocurrencies this year alone.

In October, Japan's National Police Agency warned the country's crypto-asset businesses about the North Korean hacking group and told them to be careful.
