North Korean Hackers Make Over 300 ETH In Phishing Attacks Targeting NFTs

North Korean hackers have made over 300 ETH in profits after targeting NFT fans through phishing attacks. This is according to SlowMist, a blockchain security company investigating the group since September. The malicious group dubbed “APT Hacker Group” is believed to be sponsored by the state. It has amassed over $1 billion in illegal proceeds since 2017, with over half of that amount coming this year.

Their latest scam targeted NFT fans interacting with projects on various blockchains. The group would create decoy NFT-related websites that exposed users to malicious mints. This served as their primary tactic, according to SlowMist. To cast its net wide, the group had nearly 500 domain names that it used for phishing campaigns. And as SlowMist would find out, some of these domains were registered over seven months ago.

As mentioned earlier, SlowMist began investigating this hacker group back in September. All it took was a tweet from PhantomXSec. The user revealed the group was behind multiple attacks on Ethereum and Solana-based projects.

Wallet Linked To North Korean Hackers Stole Over 1000 NFTs

SlowMist discovered that one of the wallets linked to the hackers had received over 1055 NFTs. These would net the group over 300 ETH in profits after selling them. Upon further digging, SlowMist discovered this particular wallet was initially funded through Binance. And would proceed to interact with several risky addresses.

Interestingly, most of the phishing sites shared the same host IP address. For example, one IP had 372 and another had 320 phishing sites.

That said, the attacks focused on luring NFT holders to perform “Approve” operations. However, at times they would also trick them to “perform Seaport and Permit signatures, as well as other authorizing activities.”

SlowMist would also discover a DeFi platform run by the hacker group, plus a few ties with Eastern European hackers.

Author

  • Basil Kimathi

    Basil is an avid fan of blockchain technology and all its innovations, and he is passionate about sharing this narrative with his audience. He has spent over five years in the crypto space, specializing in research and creating fintech content for various media outlets around the globe. His work has been published on top websites such as usethebitcoin.com, European Blockchain Convention, NFTNewsToday, coinjournal.net, coinlist.me, and many others. When not thinking about disruptive technologies, Basil is busy exploring the outdoors.

The information provided on this blog is for informational purposes only and does not constitute financial, legal, or investment advice. The views and opinions expressed in the articles are those of the authors and do not necessarily reflect the official policy or position of NFT News Today.