lazarusholic

SlowMist: Investigation of North Korean APT’s Large-Scale Phishing Attack on NFT Users

2022-12-24, Slowmist
https://slowmist.medium.com/slowmist-our-in-depth-investigation-of-north-korean-apts-large-scale-phishing-attack-on-nft-users-362117600519
#Cryptocurrency

Contents

Background
On September 2, the SlowMist security team discovered that suspected APT groups were conducting large-scale phishing activities targeting NFT users in the crypto ecosystem, and released “How Scammers Are Paying Nothing for Your NFTs”.
On September 4, Twitter user PhantomXSec tweeted that a North Korean APT group was responsible for crypto and NFT phishing campaigns targeting dozens of ETH and SOL projects.
After a thorough analysis, PhantomXSec provided information on 196 phishing domain names linked to North Korean hackers. The list of specific domain names is as follows:
The SlowMist security team noticed the incident and immediately followed up with an in-depth analysis.
By the way, the same North Korean cyber actors responsible for the massive Naver phishing campaign first documented by @prevailion are also behind this campaign.
For confidentiality and privacy reasons, this article only analyzed a small portion of …