North Korean Phishing Scam Targets NFTs

In the latest report on NFT scams, North Korean hackers have been found to be behind a major phishing scam targeting NFT holders. According to Blockchain security firm, SlowMist, the hackers used as many as 500 phishing domains to lure unsuspecting victims. Most of these websites were duplicates of popular NFT platforms such as OpenSea and X2Y2.

Here’s all you need to know about the North Korean NFT phishing scam:

North Korean NFT phishing scam
The North Korean hackers created around 500 phishing domains. Credit: Unsplash

What is the North Korean NFT phishing scam?

In a report released on December 24, SlowMist alleged that hackers connected to North Korea’s Lazarus Group were behind a massive NFT phishing scam. Typically, the North Korean Advanced Persistent Threat (APT) groups used fake websites to offer investors “malicious mints”. 

To explain, the websites lure victims under the pretext of minting legitimate NFTs. Once they connect their wallets to the website, the hackers get access to the wallets and can drain them as they please. 

How do hackers steal NFTs?   

Furthermore, SlowMist discovered several unique NFT phishing traits used by the North Korean groups. For example, the phishing websites would record visitor data and save it to external sites. Then, they would run various “attack scripts” to access sensitive information such as victim’s access records, wallet addresses, authorizations, approve records, and sigData. Using this information, the North Korean hackers can drain victims’ wallets. 

Then, most of the sites used the same Internet Protocol (IP). Moreover, they used multiple tokens, such as WETH, USDC, and DAI, in their phishing attacks. Additionally, one phishing address, in particular, was responsible for a major number of transactions. 

“The hacker was able to receive a total of 1,055 NFTs and made off with a profit of approximately 300 ETH through their sales,” the report added. 

SlowMist’s findings on the North Korean NFT phishing scam further emphasise the need to take NFT security seriously.

Source NFT Evening

Tiền điện tử Coinex

Related News

Brief evaluation of fee-based and free gameplay in ordinals.

Regarding #ordinals, fees and free options, including Bitcoin NFTs...

What are NFT royalties, and how do they work?

1.What are NFT royalties? Royalties give NFT creators a way...

Fraggle Rock NFT Trading Cards Storm onto the Flow Blockchain

In a new partnership with Web3 company, ‘Tibles,’ the...

California DMV Drives NFT Car Titles onto the Blockchain

Though still novel, blockchain is being used more within...

Solana NFT Standard Lines Up a Major Overhaul

Some big changes are reportedly coming to Solana. As...

Love hits the Metaverse in The Sandbox Valentine’s Contest

The season of love is upon us and The...
- Advertisement -
Tiền Điện Tử Coinex