North Korean Phishing Scam Targets NFTs using 500 Fake Domains

Share This Post

In the latest report on NFT scams, North Korean hackers have been found to be behind a major phishing scam targeting NFT holders.

SlowMist, a Blockchain security company, reports that the hackers used as many as 500 phishing domains to lure victims. The majority of these websites were replicas of well-known NFT platforms like OpenSea and X2Y2.

Quick Take:

  • North Korea’s Lazarus Group is suspected of running a massive phishing campaign targeting non-fungible token investors (NFTs). 
  • On December 24, blockchain security company Slow Mist released a report on how North Korean Advanced Persistent Threat (APT) groups try to prevent NFT investors from receiving their NFTs.

What exactly is the North Korea NFT phishing scam?

SlowMist claimed in a report published on December 24 that hackers linked to North Korea’s Lazarus Group were behind a massive NFT phishing scam. Typically, North Korean Advanced Persistent Threat (APT) groups used bogus websites to sell “malicious mints” to investors.

To explain, the websites entice victims by claiming to be minting legitimate NFTs. When they connect their wallets to the website, the hackers gain access to them and can drain them as they wish.

How do hackers steal NFTs?   

SlowMist discovered several unique NFT phishing traits used by North Korean groups. For example, phishing websites would record visitor data and save it to external sites. Then, they would run various “attack scripts” to access sensitive information such as victim’s access records, wallet addresses, authorizations, approve records, and big data. Using this information, North Korean hackers can drain victims’ wallets. 

Then, most of the sites used the same Internet Protocol (IP). Moreover, they used multiple tokens, such as WETH, USDC, and DAI, in their phishing attacks. Additionally, one phishing address, in particular, was responsible for a major number of transactions. 

Slow Mist stressed that this is just the “tip of the iceberg,” as the study only examined a small percentage of the documents and retrieved some of the North Korean hackers’ phishing characteristics.

“The hacker was able to receive a total of 1,055 NFTs and made off with a profit of approximately 300 ETH through their sales,” the report added. 

NFT Scams

It claimed that the same North Korean APT group was also behind the Naver phishing campaign. The study was first reported by Prevailion on March 15.

North Korea was the focus of numerous cryptocurrency theft activities in 2022.

According to a study released on December 22 by South Korea’s National Intelligence Service (NIS), North Korea stole $620 million in cryptocurrency in 2018.

In October, the National Police Agency of Japan issued a warning to the country’s crypto-asset enterprises. It also advises them to be wary of a North Korean hacking group.

Subscribe to the NFT Lately newsletter to receive news covering the latest NFT-related drops, releases, reviews, and more.


Related Posts

Magic Eden Adopts Solana’s Compressed NFTs

Magin Eden, the distinguished NFT marketplace, recently announced its... Returns With Surging NFT Trading Volumes, the decentralized social media app, has shown an...

CoinMarketCap and HELLO Labs to Premiere TV Series, Killer Whales

An official trailer for the Web3 television series 'Killer...

Machi Proposes 11M $APE Sends NFTs to Museums Worldwide

An intriguing week-long vote surrounding OG NFTs kick-started today! Machi Big Brother,...

Italian Luxury Watch Brand Panerai Introduces Digital Passports Generated with NFT

Italian luxury watch manufacturer Panerai has revealed plans to include an...

Related Posts

Otherside Announces the Beta Launch of Legends of Mara 

Yuga Labs recently announced that they will launch a...

Adidas Just Unveiled Its First Digital Artist Program, RESIDENCY

Making strides in the art and technology sectors, Adidas...

Grab, Southeast Asia’s Uber, Integrates NFTs into Business Model

Grab, an Uber-like riding giant in Southeast Asia, steps...

Soccer Star Ronaldinho Faces $61M Legal Battle over Crypto Scam

Ronaldinho Gaúcho is playing a risky game off the...

The History of Bitcoin NFTs – A Step-by-Step Timeline

With recent hype surrounding Casey Rodarmor's release of open-source...