Theft Using 500 Phishing Domains! North Korean Hackers Rob NFTs





North Korean hackers rob NFTs using around 500 NFT phishing domains to dupe victims

North Korean hackers rob NFTs: they linked to cybercrime group ‘Lazarus Group’ are behind a massive phishing campaign targeting non-fungible token (NFT) investors, using around 500 phishing domains to dupe victims, a new report said. The strategies used by the North Korean Advanced Persistent Threat (APT) groups to distract NFT investors from their NFTs, such as the use of fake websites that appear to be various NFT-related platforms and projects, Cointelegraph quoted the report as saying.

These fake websites included one that presented itself as a World Cup project and others that impersonated popular NFT marketplaces like OpenSea, X2Y2, and Rarible. The use of “malicious Mints” which tricked the victims into thinking they are minting a real NFT by connecting their wallet to the website, was one of the strategies implemented.

The report also showed that a large number of NFT phishing websites shared the same Internet Protocol (IP), with 372 NFT phishing websites sharing a single IP and another 320 NFT phishing websites using a different IP. Other phishing techniques used included saving visitor data to external websites and recording it, as well as attaching photos to the projects that were being targeted. One phishing address alone was able to get 1,055 NFTs and profit 300 Ethereum (ETH), worth $367,000, through its phishing tactics, the report said.


Here are the five ways you can spot, avoid and protect yourself from cryptocurrency scams:

Do Your Research

It can be difficult to overlook guidance from tycoons and forces to be reckoned with on the web, yet you ought to do your own examination before contributing with regard to your cash. Start with PCMag’s manual for purchasing, selling, and overseeing Bitcoin. Try not to take any data online whatsoever. Assuming a venture sounds unrealistic, it’s most likely one of the cryptocurrency scams. 

Don’t Trust Everyone

Treat any individual who reaches you straightforwardly to request installments in cryptocurrencies or offers you a speculation opportunity in regards to crypto with outrageous alert. Try not to trust messages regardless of whether they seem, by all accounts, to be from government authorities, well-known individuals—any individual who requests that you pay for anything utilizing cryptocurrency. 

Secure Your Crypto Wallet

You most likely have anecdotes about individuals who lost somewhere around a couple of Bitcoins due to failing to keep a grip on their virtual wallets. Assuming you do possess cryptocurrencies, never share your private key or seed express with anybody. All things being equal, we suggest putting away that data someplace offline.


Use Multi-Factor Authentication

Use multifaceted verification on your crypto wallet to attempt to keep the trouble makers out. It’s anything but a definite fire arrangement, as we learned after the Coinbase hack, however it allows you a battling opportunity against numerous attackers.

Check That URL

Keep an eye on the URL for the sites you visit identified with cryptocurrency. Numerous phishing tricksters duplicate the URL of real locales and trade out letters or numbers. You additionally need to guarantee the site is secure, so search for the little lock image close to the URL. Make sure to turn on your antivirus programming. The best AV we’ve tried pays special mind to phishing tricks for your benefit and hinders malignant URLs.



Source link


Leave A Reply

Your email address will not be published.