North Korea becomes the epicenter for NFT thefts over 500 phishing domains


North Korea’s Lazarus Group, notorious for launching cyber attacks, has once again come under the spotlight for targeting the NFT sector with back-to-back attacks. The hacker group has launched around 500 phishing domains, which it uses to dupe unsuspecting victims who are also avid NFT buyers. The allegations against the Lazarus Group were made in a recent report by SlowMist, a blockchain security firm. The report highlighted that this NFT stealth campaign has been running for months, with the earliest malicious domain registered between May and June.

NFTs, or non-fungible tokens, are blockchain-based digital collectibles, most of which also work in compatible Metaverse experiences. NFTs are often valuable; because they are created on a blockchain, full ownership of these virtual collectibles transfers to buyers, and they are stored in crypto wallets.

The Lazarus Group has deployed “bait websites” that pretend to be legitimate NFT projects in order to trick victims into engaging with these infected websites.

“Phishing websites collect visitor data and store it on external sites. The hacker records visitor information via an HTTP GET request on an external domain. Our investigation revealed that the hackers used multiple tokens such as WETH, USDC, DAI, and UNI etc. in their phishing attacks,” said the official post by SlowMist.

This year, while not ideally profitable for the NFT industry, has seen multiple scammers flock to the sector to launch attacks.

Last week, for example, anti-theft platform Harpie said a new type of scam is looming over OpenSea’s visitors, offering “gasless sales” on the platform and eventually redirecting victims to phishing sites.

As part of the reportedly ongoing scam, hackers trick people into signing an unreadable message. Gasless NFTs are likely to attract signature requests from first-time buyers.

In its report, SlowMist said North Korea’s Advanced Persistent Threat (APT) groups left victims’ wallets vulnerable to further hacking.

In addition to traditional phishing, scammers have also used the ice phishing technique to steal digital collectibles that can be used in the Web3 sector of the internet.

Last week, 14 NFTs from the expensive and famous Bored Ape Yacht Club (BAYC) collection were stolen in an ice phishing attack.

Ice phishing scams are cyber attacks that maneuver Web3 users into manually signing and approving credentials that allow notorious actors to issue their tokens.

Traditional phishing scams allow hackers to steal private keys or passwords by tricking unsuspecting people into clicking malicious links or visiting infected bogus websites.
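Because ice phishing depends on the victim signing an approval rather than handing over a key, a wallet or monitoring tool can inspect the transaction calldata before it is signed. The following is an added example, not code from the article or from SlowMist: the function names, risk labels and sample spender address are assumptions made for illustration, while the two selectors are the standard ERC-20/ERC-721/ERC-1155 approval functions.

```javascript
// Added example: classify transaction calldata before a wallet signs it.
const APPROVAL_SELECTORS = {
  "095ea7b3": "approve(address,uint256)",        // ERC-20 allowance or single ERC-721 token
  "a22cb465": "setApprovalForAll(address,bool)", // operator over a whole NFT collection
};
const MAX_UINT256 = (1n << 256n) - 1n;

// Helper used only to build constructed sample calldata: selector + two 32-byte ABI words.
function encodeCall(selector, spender, value) {
  const word = (h) => h.padStart(64, "0");
  return "0x" + selector + word(spender.slice(2).toLowerCase()) + word(value.toString(16));
}

function inspectCalldata(calldata) {
  const hex = String(calldata).toLowerCase().replace(/^0x/, "");
  if (hex.length < 8 || !/^[0-9a-f]+$/.test(hex)) {
    return { risk: "unknown", reason: "not valid calldata" };
  }
  const signature = APPROVAL_SELECTORS[hex.slice(0, 8)];
  if (!signature) return { risk: "none", reason: "not an approval call" };

  const args = hex.slice(8);
  if (args.length < 128) return { risk: "unknown", signature, reason: "truncated arguments" };
  const spender = "0x" + args.slice(24, 64);          // address is the low 20 bytes of word 1
  const value = BigInt("0x" + args.slice(64, 128));   // amount, token id, or bool in word 2

  if (signature.startsWith("setApprovalForAll")) {
    return value === 0n
      ? { risk: "low", signature, spender, reason: "revokes operator access" }
      : { risk: "high", signature, spender, reason: "spender can move every token in the collection" };
  }
  if (value === MAX_UINT256) {
    return { risk: "high", signature, spender, reason: "unlimited allowance" };
  }
  return { risk: "medium", signature, spender, reason: "spender can move the stated amount or token id" };
}

// Constructed sample: a collection-wide approval to a made-up spender address.
const SAMPLE_SPENDER = "0x" + "11".repeat(20);
console.log(inspectCalldata(encodeCall("a22cb465", SAMPLE_SPENDER, 1n)));
```

This check covers on-chain approval transactions only; off-chain signed messages, such as the unreadable “gasless sale” requests described above, need their own decoding before they are shown to the user.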

