In the latest report on NFT scams, North Korean hackers have been found to be behind a major phishing scam targeting NFT holders. According to blockchain security firm SlowMist, the hackers used as many as 500 phishing domains to lure unsuspecting victims. Most of these websites were duplicates of popular NFT platforms such as OpenSea and X2Y2.
Here’s all you need to know about the North Korean NFT phishing scam:
What is the North Korean NFT phishing scam?
In a report released on December 24, SlowMist alleged that hackers connected to North Korea’s Lazarus Group were behind a massive NFT phishing scam. Typically, the North Korean Advanced Persistent Threat (APT) groups used fake websites to offer investors “malicious mints”.
These websites lure victims under the pretext of minting legitimate NFTs. Once the victims connect their wallets to the website, the hackers get access to the wallets and can drain them as they please.
How do hackers steal NFTs?
SlowMist also discovered several unique NFT phishing traits used by the North Korean groups. For example, the phishing websites would record visitor data and save it to external sites. Then, they would run various “attack scripts” to access sensitive information such as victims’ access records, wallet addresses, authorizations, approve records, and sigData. Using this information, the North Korean…
