North Korean Phishing Scam Targets NFTs using 500 Fake Domains

Share This Post

In the latest report on NFT scams, North Korean hackers have been found to be behind a major phishing scam targeting NFT holders.

SlowMist, a Blockchain security company, reports that the hackers used as many as 500 phishing domains to lure victims. The majority of these websites were replicas of well-known NFT platforms like OpenSea and X2Y2.

Quick Take:

  • North Korea’s Lazarus Group is suspected of running a massive phishing campaign targeting non-fungible token investors (NFTs). 
  • On December 24, blockchain security company Slow Mist released a report on how North Korean Advanced Persistent Threat (APT) groups try to prevent NFT investors from receiving their NFTs.

What exactly is the North Korea NFT phishing scam?

SlowMist claimed in a report published on December 24 that hackers linked to North Korea’s Lazarus Group were behind a massive NFT phishing scam. Typically, North Korean Advanced Persistent Threat (APT) groups used bogus websites to sell “malicious mints” to investors.

To explain, the websites entice victims by claiming to be minting legitimate NFTs. When they connect their wallets to the website, the hackers gain access to them and can drain them as they wish.

How do hackers steal NFTs?   

SlowMist discovered several unique NFT phishing traits used by North Korean groups. For example, phishing websites would record visitor data and save it to external sites. Then, they would run various “attack scripts” to access sensitive information such as victim’s access records, wallet addresses, authorizations, approve records, and big data. Using this information, North Korean hackers can drain victims’ wallets. 

Then, most of the sites used the same Internet Protocol (IP). Moreover, they used multiple tokens, such as WETH, USDC, and DAI, in their phishing attacks. Additionally, one phishing address, in particular, was responsible for a major number of transactions. 

Slow Mist stressed that this is just the “tip of the iceberg,” as the study only examined a small percentage of the documents and retrieved some of the North Korean hackers’ phishing characteristics.

“The hacker was able to receive a total of 1,055 NFTs and made off with a profit of approximately 300 ETH through their sales,” the report added. 

NFT Scams

It claimed that the same North Korean APT group was also behind the Naver phishing campaign. The study was first reported by Prevailion on March 15.

North Korea was the focus of numerous cryptocurrency theft activities in 2022.

According to a study released on December 22 by South Korea’s National Intelligence Service (NIS), North Korea stole $620 million in cryptocurrency in 2018.

In October, the National Police Agency of Japan issued a warning to the country’s crypto-asset enterprises. It also advises them to be wary of a North Korean hacking group.

Subscribe to the NFT Lately newsletter to receive news covering the latest NFT-related drops, releases, reviews, and more.

spot_img

Related Posts

Coinbound Appoints Lindsay Keyfauver to Director of Coinscribble

New York, NY – October 2nd, 2024 – Coinbound,...

Coinbound Named to Manifest’s Global Most Reviewed Advertising and Marketing Agencies List for 2024

Honored for Excellence in Blockchain Marketing, Crypto Marketing, Investor...

Void 2122 to Unlock a New Era of Combat Card Gaming with NFTs

The pioneering force in the Web3 landscape, Void 2122,...

Magic Eden Adopts Solana’s Compressed NFTs

Magin Eden, the distinguished NFT marketplace, recently announced its...

Friend.tech Returns With Surging NFT Trading Volumes

Friend.tech, the decentralized social media app, has shown an...

Related Posts

Justin Beiber’s Track “Company” Releases as NFT

The renowned global pop sensation Justin Beiber’s 2015 hit...

The Top 10 Most Expensive NFTs Sold

7 out of the 10 most expensive NFTs sold...

Art Blocks NFT Review – A Trendy Hub for Innovation and Art

How Art Blocks allows artists to create custom on-demand...

‘Snoop Dogg Passport’ NFTs Open Backstage Experiences

Renowned rap artist Snoop Dogg ventures into the Web3...

CoinGecko vs CoinMarketCap: Which Is The Better Crypto Tracker?

CoinMarketCap and CoinGecko are two of the most popular...