
Hackers from North Korea are stealing NFTs using almost 500 different phishing domains.

 


The cybercriminals established dummy websites that posed as legitimate NFT marketplaces, NFT projects, and even a DeFi platform.

There have been reports that hackers with ties to North Korea's Lazarus Group are behind a massive phishing campaign aimed at investors in nonfungible tokens (NFTs). This campaign is said to have used nearly 500 phishing domains to trick victims.

SlowMist, a blockchain security company, published a report on December 24 revealing the strategies that North Korean Advanced Persistent Threat (APT) groups have used to separate NFT investors from their NFTs. These strategies include the use of decoy websites that are disguised as a variety of different NFT-related platforms and projects.

Examples of these fake websites include one that pretends to be a project associated with the World Cup, one that pretends to be related to the Olympics, and websites that impersonate well-known NFT marketplaces like OpenSea, X2Y2, and Rarible.

According to SlowMist, one of the strategies that was implemented was to have these decoy websites offer "malicious Mints." This strategy involves tricking victims into believing that they are minting a genuine NFT by connecting their wallet to the website in question.

However, the supposed mint is actually a fraudulent transaction, and the hacker, who now has access to the victim's wallet, is able to steal funds from it.

SlowMist's analysis of the phishing websites also found that many of them shared the same IP address, with 372 NFT phishing websites operating under a single IP and another 320 NFT phishing websites associated with another IP.
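Shared hosting of this kind is something defenders can look for in passive DNS data. The following is an added example, not code from SlowMist's report: it groups brand-lookalike domains by resolved IP and reports the IPs that host several of them. The records are constructed sample data using reserved documentation IP ranges and TLDs, and the brand watchlist and official-domain allowlist are assumptions.

```python
from collections import defaultdict

# Marketplaces the article names as impersonated (watchlist is an assumption).
BRANDS = ("opensea", "x2y2", "rarible")
# Assumed allowlist of official domains; their subdomains are also trusted.
OFFICIAL = ("opensea.io", "x2y2.io", "rarible.com")
# Common digit-for-letter swaps seen in lookalike names.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

# Constructed passive-DNS style records: (domain, resolved IP).
RECORDS = [
    ("opensea-freemint.example", "203.0.113.10"),
    ("0pensea.example", "203.0.113.10"),
    ("rarible-claim.example", "203.0.113.10"),
    ("x2y2-airdrop.test", "203.0.113.10"),
    ("worldcup-tickets.example", "203.0.113.10"),
    ("opensea.io", "198.51.100.7"),
    ("blog.rarible.com", "198.51.100.7"),
    ("rarib1e.test", "192.0.2.5"),
]

def impersonated_brand(domain):
    """Return the brand a domain imitates, or None if official or unrelated."""
    d = domain.lower().rstrip(".")
    if any(d == o or d.endswith("." + o) for o in OFFICIAL):
        return None
    raw = d.replace("-", "")          # ignore hyphen padding
    folded = raw.translate(HOMOGLYPHS)  # undo digit-for-letter swaps
    for brand in BRANDS:
        if brand in raw or brand in folded:
            return brand
    return None

def shared_hosting_clusters(records, min_lookalikes=3):
    """Map each IP to its lookalike domains when it hosts at least min_lookalikes."""
    by_ip = defaultdict(set)
    for domain, ip in records:
        if impersonated_brand(domain):
            by_ip[ip].add(domain.lower().rstrip("."))
    return {ip: sorted(names) for ip, names in by_ip.items()
            if len(names) >= min_lookalikes}

if __name__ == "__main__":
    for ip, names in shared_hosting_clusters(RECORDS).items():
        print(ip, len(names), names)
```

An IP that passes the threshold is a pivot point: every other domain resolving to it, including names that match no brand, is worth reviewing.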

According to SlowMist, the phishing campaign has been going on for a number of months, and they noted that the earliest domain name was registered approximately seven months ago.

Phishing attempts also linked images to target projects and recorded visitor data, saving it on third-party websites. These are just two of the many methods that were used.

After the hacker had obtained the visitor's data, they would then proceed to run various attack scripts on the victim, which would allow the hacker access to the victim's access records, authorizations, and use of plug-in wallets, in addition to sensitive data such as the victim's approve record and sigData.

After obtaining all of this information, the hacker is able to gain access to the victim's wallet and view all of the victim's digital assets.

However, SlowMist emphasized that this is just "the tip of the iceberg," as the analysis only looked at a small portion of the materials and extracted "some" of the phishing characteristics of the North Korean hackers.

For instance, SlowMist highlighted the fact that just one phishing address gained 1,055 NFTs and made a profit of 300 Ether, equivalent to $367,000, through its phishing techniques.

It was also revealed that the same North Korean APT group was responsible for the phishing attack against Naver, which had been documented by Prevailion on March 15.

In the year 2022, North Korea was the target of a number of different theft crimes involving cryptocurrencies.

According to a report that was released by the National Intelligence Service (NIS) of South Korea on December 22, North Korea is responsible for the theft of cryptocurrencies worth a total of $620 million just this year.

In October, Japan's National Police Agency issued a cautionary message to the country's crypto-asset businesses, advising them to exercise extreme caution around the hacking group associated with North Korea.
