Nätfiskekampanj med kopplingar till Nordkorea riktar sig till NFT-användare
- Säkerhetsexperter i Sydkorea hävdar att Nordkorea stöder hackare när de försöker samla in mer pengar efter sanktioner mot dess ekonomi.
- Hackare har plundrat mer än 1 TP3T1 miljarder från kryptoprojekt bara under 2022.
Crypto analysts and researchers have upptäckt en nätfiskekampanj av hackare med kopplingar till Nordkorea som jagar NFT-användare som köper tokens på populära marknadsplatser som OpenSea, X2Y2 och Rarible. Enligt upptäckterna köper användare förmodade legitima NFTs på dessa plattformar och omdirigeras till bluffsajter för att slutföra präglingsprocessen.
However, these websites tried to collect vital data from the minting process, including IP addresses, and authorizations. Users were allegedly tricked into performing authorizing actions such as sending their Seaport signature, which is required to confirm NFT contracts created on OpenSea.
The scam initiative has allegedly been going on for some months. Researchers claim that there are over 500 domains operating these kinds of “malicious mints”. The early domains were reportedly created earlier this year. Additionally, the large bulk of these domains shared the same IP address and earned the hackers a profit of $366,000.
Hackare har uttänkt various schemes this year, and North Korea has been traced to some of the biggest hacks on crypto platforms this year. South Korea’s main intelligence service noted that cybercriminals with ties to North Korea have robbed about $1.2 billion in the past five years.
North Korea is said to have turned to cybercrime as a means of generating income following U.N. sanctions imposed in 2016 and 2017 as a result of the country’s nuclear program. North Korea has been unable to profit from its resources and seems to have backed hackers to bring in extra income.