Hackers create phishing sites that mimic NFT Fair, NFT Projects, and even Diffy Forum.
Hackers affiliated with North Korea’s Lazarus group have reportedly launched a massive phishing campaign targeting non-fungible token (NFT) investors in order to trick victims using 500 phishing domains. torture
Blockchain security firm Slomist released a report on Dec. 24 detailing the methods North Korea’s Advanced Total Threat (APT) group uses to lure NFT investors away from NFTs, which includes several NFT-linked websites. in the form of forums and typography projects.
Examples of these fake websites include websites claiming to be World Cup-related projects, as well as sites that monitor popular NFT trading platforms such as OpenC, X-2Y2 and Rarible.
One of their methods is to feed fake “money crime” into websites, linking the victim’s wallet to the website and tricking them into thinking I’m making money. NFTs are legal, Slomist said. it is
But NFT is actually a scam, leaving the victim’s wallet vulnerable to hackers who can now access it.
The report also found that many phishing websites operate under the same Internet domain, with 372 NFT phishing websites linked under one IP and another 320 NFT phishing websites linked to another IP.
Example of a phishing website: SlowMist
Slomist said the phishing campaign went on for months, noting that the first domain names appeared about seven months ago.
real reports of the rapidly growing cryptocurrency market (204 winners in 2022);
Other phishing techniques include collecting visitor information, storing it on an external website, and linking images to specific activities.
Once the hacker gets the visitor’s information, he launches various attacks on the victim, providing sensitive information such as victim credentials, permissions, use of additional wallets, and data deletion. Victims and Sigdatas.
All this information allows the hacker to access the victim’s wallet, exposing all of the victim’s digital assets.
But Slomist said this was just “the tip of the iceberg” because the analysis only looked at a small portion of the content and eliminated “some” of the North Korean hackers’ phishing behavior.
As SlowMist reports, just one phishing code can earn 1,055 NFTs and 300 Ether.
Make the ticker below
, worth $367,000, from his phishing attacks.
He said North Korea’s APT team was also responsible for Operation Never Fishing, previously documented by Privilion on March 15th.
Important: Blockchain security company warned of a new MetaMask leak campaign
By 2022, North Korea will be at the center of many crypto theft crimes.
North Korea has stolen $620 million worth of cryptocurrencies this year alone, according to a report released Dec. 22 by South Korea’s National Intelligence Service (NIS).
In October, Japan’s National Police sent an alert to the country’s cryptocurrency authority, asking them to watch out for North Korean hacking groups.
Source: Penny Telegraph
Source: Penny Telegraph