Nearly 500 phishing domains are being used by hackers connected to North Korea’s Lazarus Group in a massive phishing campaign that targets investors in non-fungible tokens (NFT), as reported by Cointelegraph.
On December 24, the blockchain security company SlowMist published a report outlining the methods used by North Korean APT groups to separate NFT investors from their NFTs, including bogus websites impersonating various NFT-related platforms and projects.
Cointelegraph further noted that these fraudulent websites include one that presents itself as a World Cup project and others that mimic popular NFT marketplaces like OpenSea, X2Y2, and Rarible.
One of the strategies, according to SlowMist, is to have these fake websites offer “malicious Mints,” which trick the victims into believing they are minting real NFTs by connecting their wallets to the website.
Furthermore, in 2022, North Korea was the target of numerous thefts of cryptocurrencies.
The National Intelligence Service (NIS) of South Korea reported on December 22 that North Korea had stolen cryptocurrencies worth $620 million just this year. The National Police Agency of Japan issued a warning to the nation’s crypto-asset businesses in October, cautioning them to be wary of the North Korean hacking group, Cointelegraph further stated.