North Korean hackers are using almost 500 phishing domains to steal NFTs.

The hackers made fake websites that looked like NFT projects, NFT marketplaces, and even a DeFi platform.

Hackers with ties to North Korea's Lazarus Group are said to be behind a massive phishing campaign that targets investors in nonfungible tokens (NFTs). The campaign uses nearly 500 phishing domains to trick people into giving away their personal information.

SlowMist, a blockchain security company, released a report on December 24 that showed the methods that North Korean Advanced Persistent Threat (APT) groups have used to trick NFT investors out of their NFTs. These methods include putting up fake websites that look like different platforms and projects related to NFTs.

Some of these fake websites include one that pretends to be a World Cup project and others that try to look like popular NFT marketplaces like OpenSea, X2Y2, and Rarible.

SlowMist said that one of the methods was for these fake websites to offer "malicious mints," which trick the victims into thinking that they are minting a real NFT when they connect their wallet to the website.

But the NFT is a fake, and the hacker now has access to the victim's wallet, which leaves the wallet open to theft.

The report also showed that many of the phishing websites shared the same Internet Protocol (IP) address. For example, 372 NFT phishing websites were linked to a single IP address, and 320 NFT phishing websites were linked to a different one.
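The shared-IP observation above can be turned into a defensive triage step. The following is an added example, not code from SlowMist's report or the original article: it groups passive-DNS-style (domain, IP) pairs by IP, flags addresses that host several brand lookalikes, and surfaces the other domains on those addresses for review. The official-domain list, the digit-swap matching rule, the threshold and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Brands named in the article. The official domains and the matching rule
# are assumptions made for this example.
BRANDS = ("opensea", "x2y2", "rarible")
OFFICIAL = ("opensea.io", "x2y2.io", "rarible.com")
DIGIT_SWAPS = str.maketrans("01", "oi")  # common digit-for-letter swaps


def imitated_brand(domain):
    """Return the brand a domain imitates, or None if official or unrelated."""
    d = domain.lower().rstrip(".")
    if any(d == o or d.endswith("." + o) for o in OFFICIAL):
        return None
    squashed = d.translate(DIGIT_SWAPS).replace("-", "")
    return next((b for b in BRANDS if b in squashed), None)


def cluster_by_ip(records, min_lookalikes=3):
    """Group (domain, ip) pairs by IP and report IPs hosting many lookalikes.

    Domains on a reported IP that match no brand are returned as pivot
    candidates for manual review. Shared hosting and CDN addresses also
    carry unrelated sites, so candidates are leads, not verdicts.
    """
    by_ip = defaultdict(set)
    for domain, ip in records:
        by_ip[ip].add(domain.lower().rstrip("."))
    clusters = []
    for ip, domains in by_ip.items():
        lookalikes = sorted(d for d in domains if imitated_brand(d))
        if len(lookalikes) >= min_lookalikes:
            clusters.append({
                "ip": ip,
                "lookalikes": lookalikes,
                "pivot_candidates": sorted(domains - set(lookalikes)),
            })
    return sorted(clusters, key=lambda c: len(c["lookalikes"]), reverse=True)


# Constructed sample data: reserved .example names, documentation IP ranges.
SAMPLE_RECORDS = [
    ("0pensea-mint.example", "192.0.2.10"),
    ("x2y2-airdrop.example", "192.0.2.10"),
    ("rar1ble-claim.example", "192.0.2.10"),
    ("worldcup-nft.example", "192.0.2.10"),   # no brand string, same host
    ("opensea.io", "198.51.100.7"),           # official, never flagged
    ("rarible-drop.example", "203.0.113.5"),  # lone lookalike, below threshold
    ("blog.example", "203.0.113.5"),
]

if __name__ == "__main__":
    for c in cluster_by_ip(SAMPLE_RECORDS):
        print(c["ip"], c["lookalikes"], "review:", c["pivot_candidates"])
```

On the sample data only 192.0.2.10 is reported, and the World Cup themed domain, which matches no marketplace name, appears as a pivot candidate because of where it is hosted.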

SlowMist said that the phishing campaign has been going on for a while, pointing out that the first domain name was registered about seven months ago.

Other phishing tactics included recording visitor information and saving it to external sites, and linking images to projects that were being hacked.

When the hacker was about to get the visitor's information, they would run different attack scripts on the victim. This gave the hacker access to the victim's access records, authorizations, and plug-in wallet usage, as well as sensitive information such as the victim's approve record and sigData.

After getting all of this information, the hacker can get into the victim's wallet and see all of their digital assets.

But SlowMist stressed that this is just the "tip of the iceberg" because the analysis only looked at a small part of the materials and only got "some" of the North Korean hackers' phishing traits.

For example, SlowMist pointed out that just one of the campaign's phishing addresses was able to obtain 1,055 NFTs and 300 Ether, worth $367,000.

It also said that the same North Korean APT group was behind the Naver phishing campaign that Prevailion had written about on March 15.

In 2022, North Korea has been at the center of a number of thefts of cryptocurrency.

South Korea's National Intelligence Service (NIS) said in a report that came out on December 22 that North Korea stole $620 million worth of cryptocurrencies this year alone.

In October, Japan's National Police Agency warned the country's crypto-asset businesses about the North Korean hacking group and told them to be careful.
