N.Korean Hackers Use 500 Phishing Domains To Steal NFTs

N.Korean Hackers Use 500 Phishing Domains To Steal NFTs

A large-scale phishing campaign, backed by hackers linked to the North Korean group Lazarus, led to the theft of 1,055 NFT.

The attackers created about 500 domains, passing them off as known marketplaces as well as a site dedicated to the World Cup. These offered users a fake coin issue, which in fact gave the fraudsters access to the victim's wallet.

The second scheme involved saving visitors' data on external sites for subsequent attack on the wallets connected and the confidential information provided.

All the phishing sites operated on two IP addresses.

The campaign began about seven months ago and is still ongoing. The cumulative damage from the attacks is unknown, but only one of the phishing addresses received 1,055 NFT worth 300 ETH ($367,000 at the time the tokens were sold).

However, experts stressed that in reality the scale of NFT thefts could be higher, as they have examined "only a small part of the material" related to the activities of North Korean hackers.

According to South Korea's National Intelligence Service, North Korea stole $620 million worth of cryptocurrencies in 2022 alone.

Previous postBrazil Passes Law To Legalize Crypto As a Payment Method
Next postThe Сomplete Overview Of A Cryptomus Payment Gateway

Cookies Settings

We use cookies to personalize content and advertising, to provide social media features, and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners, who may combine it with other information. By continuing to use the site, you consent to the use of Cookie files.