North Korean hackers affiliated with the Lazarus Group have reportedly launched a significant phishing campaign targeting non-fungible token (NFT) investors, according to a recent report.
The group, classed as an Advanced Persistent Threat (APT), used approximately 500 phishing domains to deceive victims. Its tactics included creating fake websites that appeared to be legitimate NFT platforms and projects, including ones pretending to be a World Cup project and others impersonating popular NFT marketplaces.
The Lazarus Group is a well-known cybercrime group that has been active for several years. It is believed to be based in North Korea and has been linked to a number of high-profile cyber attacks and data breaches.
The group is known to use a variety of tactics to compromise the security of organizations and individuals, including phishing campaigns, malware attacks, and sophisticated hacking techniques. It is considered a significant threat to the cybersecurity of businesses and governments around the world.
The hackers also employed “malicious Mints” to trick victims into believing they were minting a genuine NFT by connecting their wallet to the fake website.
List of High-Profile Cyber Attacks by North Korean Hackers Worldwide
The Lazarus Group, rated among the leading North Korean hacking groups, has been linked to a number of high-profile cyber attacks and data breaches, including:
- The 2014 attack on Sony Pictures, which resulted in the release of confidential company data and the cancellation of several movies.
- The 2016 Bangladesh Bank cyber heist, in which hackers stole $81 million from the central bank of Bangladesh.
- The 2017 WannaCry ransomware attack, which affected more than 200,000 computers in 150 countries and caused billions of dollars in damage.
- The 2018 attack on the cryptocurrency exchange Coincheck, in which hackers stole more than $500 million worth of cryptocurrency.
- The 2019 attack on the U.S. defense contractor C&K Systems, in which hackers stole sensitive data related to military communications systems.
- The 2020 attack on the security company FireEye, in which hackers stole valuable tools and information from the company’s red team.
The Lazarus Group is also believed to be behind a number of other cyber attacks and data breaches, including those targeting banks, government agencies, and other organizations. The group is known for using sophisticated hacking techniques and for being highly successful in evading detection and attribution.
The report revealed that many of the phishing websites had the same Internet Protocol (IP) address, with 372 NFT phishing websites sharing one IP and another 320 NFT phishing websites using a different IP.
The hackers employed various other phishing techniques, including capturing visitor data and saving it to external websites, and attaching photos to the targeted projects.
A single phishing address was reportedly able to acquire 1,055 NFTs and earn 300 Ethereum (ETH), worth approximately $367,000, through its phishing tactics.
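The report's finding that hundreds of phishing sites shared a single IP address suggests a defensive pivot: group observed domains by hosting IP and flag addresses where lure-style names dominate. The sketch below is an added example, not code from the report; the keyword list, thresholds, function names and sample records are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed lure keywords for illustration; tune them to the brands you monitor.
LURE_TOKENS = {"nft", "mint", "airdrop", "claim", "worldcup"}

# Constructed (domain, IP) observations, e.g. from passive DNS. IPs come from
# documentation ranges and every domain uses the reserved .example TLD.
SAMPLE_RECORDS = [
    ("worldcup-nft-mint.example", "203.0.113.10"),
    ("free-nft-claim.example", "203.0.113.10"),
    ("NFT-Airdrop-Claim.example.", "203.0.113.10"),  # case/trailing-dot variant
    ("free-nft-claim.example", "203.0.113.10"),      # duplicate observation
    ("mint-pass-drop.example", "203.0.113.10"),
    ("status-page.example", "203.0.113.10"),
    ("nft-gallery-news.example", "198.51.100.7"),    # busy shared host
    ("claim-forms.example", "198.51.100.7"),
    ("mint-museum.example", "198.51.100.7"),
    ("city-library.example", "198.51.100.7"),
    ("bakery-blog.example", "198.51.100.7"),
    ("peppermint-shop.example", "198.51.100.7"),
    ("nft-mint-live.example", "192.0.2.44"),         # too few to call a cluster
    ("airdrop-nft.example", "192.0.2.44"),
]

def normalize(domain):
    return domain.strip().rstrip(".").lower()

def is_lure(domain):
    # Match whole hyphen/dot-separated tokens, ignoring the TLD, so that
    # "peppermint" does not count as "mint".
    labels = normalize(domain).split(".")[:-1]
    tokens = {t for label in labels for t in re.split(r"[-_]", label)}
    return bool(tokens & LURE_TOKENS)

def cluster_by_ip(records, min_lures=3, min_ratio=0.6):
    by_ip = defaultdict(set)
    for domain, ip in records:
        by_ip[ip].add(normalize(domain))
    clusters = {}
    for ip, domains in by_ip.items():
        lures = sorted(d for d in domains if is_lure(d))
        # The ratio guard keeps large shared hosts and CDNs from being flagged.
        if len(lures) >= min_lures and len(lures) / len(domains) >= min_ratio:
            clusters[ip] = {"lures": lures, "others": sorted(domains - set(lures))}
    return clusters

if __name__ == "__main__":
    for ip, hit in cluster_by_ip(SAMPLE_RECORDS).items():
        print(ip, hit)
```

Domains listed under "others" on a flagged IP are candidates for analyst review rather than automatic blocking, since they share infrastructure with the lures but do not match a keyword.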