SlowMist – the blockchain security company – recently released a report showing the tactics and scale of phishing attacks by the Lazarus Group. Based in North Korea, the Lazarus Group has been revealed to be behind a huge phishing campaign aimed at NFT investors.
In its report, SlowMist tied the group to over 500 phishing domains, illustrating just how aggressive its campaign is. Some examples include sites impersonating NFT marketplaces like OpenSea, even ones pretending to be affiliated with the World Cup.
Among its strategies, SlowMist found that Lazarus also used these websites to offer ‘Malicious Mints’. This method includes tricking the victim into linking their digital wallet to a spoof website to mint a fraudulent NFT. Once linked, the victim’s wallet and assets will be vulnerable, with the hackers being able to steal a victim’s assets.
Be sure to keep up to date with the methods used by these hackers by reading the report.
