According to the report, SlowMist began its investigation of the group in September after Twitter user PhantomXSec noted that the group was behind phishing attacks on several Ethereum and Solana projects.
SlowMist's analysis of several phishing sites linked to the group revealed that one of its primary tactics was to create fake NFT-related decoy sites with malicious mints. The group has around 500 domain names that it uses for its phishing campaigns, some of which were registered as early as seven months ago.
Wallet affiliated with the group steals 1,055 NFTs, nets 300 ETH
SlowMist revealed that a wallet belonging to one of the group's phishing websites obtained a total of 1,055 NFTs and made a profit of approximately 300 ETH by selling them. According to the report, the wallet was initially funded through Binance. The report states that the wallet interacted with a number of compromised addresses.
Additionally, many NFT phishing sites share the same host IP. There were 372 NFT sites under one IP and 320 phishing sites under another IP.
By examining the core code of the phishing sites, SlowMist found that the hackers used multiple tokens, such as WETH, USDC, DAI, and UNI, to attack. Hackers usually focus on enticing users to perform “approve” operations.
But they sometimes go a step further to induce victims to “sign Seaport and Permit, as well as other authorized activities.” SlowMist also looked into a DeFi platform run by the North Korean hackers.
Meanwhile, the security firm also identified some form of collaboration between North Korean and Eastern European hackers.
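The "approve" requests described above can be recognised from a transaction's input data before it is signed. The following is an added example, not code from the SlowMist report or from any wallet: it decodes ERC-20 `approve` and NFT `setApprovalForAll` calls and flags unlimited or collection-wide grants. The 2**255 threshold, the field names and the sample grantee address are assumptions made for illustration, and off-chain signature requests are out of scope.

```python
# Added example: classify approval calldata before a wallet signs it.
SELECTORS = {
    "095ea7b3": "approve",            # ERC-20 approve(address,uint256)
    "a22cb465": "setApprovalForAll",  # ERC-721/1155 setApprovalForAll(address,bool)
}
UNLIMITED = 2**255  # assumption: allowances this large are treated as unlimited


def classify_calldata(data_hex: str) -> dict:
    """Return kind, grantee and a risk flag for one transaction's input data."""
    text = data_hex[2:] if data_hex[:2].lower() == "0x" else data_hex
    try:
        raw = bytes.fromhex(text)
    except ValueError:
        return {"kind": "malformed", "risky": True, "why": "input is not hex"}
    name = SELECTORS.get(raw[:4].hex())
    if name is None:
        return {"kind": "other", "risky": False, "why": "not an approval call"}
    args = raw[4:]
    # Both calls take exactly two 32-byte words; the address is left-padded.
    if len(args) != 64 or any(args[:12]):
        return {"kind": "malformed", "risky": True, "why": "bad argument encoding"}
    grantee = "0x" + args[12:32].hex()
    value = int.from_bytes(args[32:], "big")
    if name == "approve":
        if value == 0:
            why, risky = "allowance revoked", False
        elif value >= UNLIMITED:
            why, risky = "unlimited token allowance", True
        else:
            why, risky = f"allowance of {value} base units", False
    elif value == 1:
        why, risky = "operator may move every NFT in the collection", True
    elif value == 0:
        why, risky = "operator approval revoked", False
    else:
        return {"kind": "malformed", "risky": True, "why": "bool is not 0 or 1"}
    return {"kind": name, "grantee": grantee, "risky": risky, "why": why}


if __name__ == "__main__":
    # Constructed samples: the grantee 0x1111... is a placeholder address.
    pad, who = "00" * 12, "11" * 20
    samples = {
        "unlimited approve": "0x095ea7b3" + pad + who + "ff" * 32,
        "approve for all": "0xa22cb465" + pad + who + "00" * 31 + "01",
        "plain transfer": "0xa9059cbb" + pad + who + "00" * 31 + "64",
    }
    for label, data in samples.items():
        print(label, "->", classify_calldata(data))
```

A flagged result only means the call grants broad spending rights; whether the grantee is a known marketplace or an unknown address still has to be checked separately.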
North Korea and crypto hacks
South Korea's spy agency said North Korea-backed hackers have allegedly stolen over $1 billion in crypto assets since 2017. According to the report, state-backed malicious players stole half of that amount in 2022 alone.
The South Korean agency said North Korea relies on crypto-hacking activities to fund and support its nuclear program and its fragile economy.
Multiple reports have linked the North Korean hacker group Lazarus to prominent hacks recorded in the industry this year. The group is reportedly responsible for the $100 million Harmony Bridge exploit and the over $600 million exploit of Axie Infinity's Ronin Bridge.
BeInCrypto has reached out to the company or the person involved in the story for an official statement regarding the recent development, but has yet to hear back.