Hackers linked to North Korea’s Lazarus Group have reportedly been running a large-scale phishing campaign targeting non-fungible token (NFT) investors, using almost 500 phishing domains.
Blockchain security firm SlowMist released a report revealing that the group, known as an Advanced Persistent Threat (APT), has been using decoy websites disguised as various NFT-related platforms and projects to dupe victims into thinking they are minting a legitimate NFT by connecting their wallet to the site, when in fact the NFT is fraudulent and the victim’s wallet is left vulnerable to the hacker.
SlowMist said the campaign has been ongoing for several months and that just one phishing address was able to obtain 1,055 NFTs and profit 300 ETH, worth around $367,000, through its tactics.
It added that the same APT group was responsible for the Naver phishing campaign documented by Prevailion in March.
I'm a crypto, blockchain, and tech writer. I spend my time researching and writing about cryptocurrency, NFT, AI, and new technology.
Related posts
Adidas remains committed to the metaverse, launching NFTs as others exit
GoMining to Introduce Updated In-Platform Voting Mechanics
Funtico Launches Exclusive Whitelist for Summoners NFT Sale
