NFT Collectors Beware—North Korean Hackers are Phishing in Your Waters

*Previously published on my blog:?IPProbe.Global

On December 24, 2022, Slow Mist, a blockchain security firm, presented an analysis of a North Korean Advanced Persistent Threat (APT.)

The APT impersonates NFT-supported websites to steal NFT collectors' cryptocurrency and their personal identifying and financial credentials.

The website impersonation includes:

—Crypto Currency Blockchains

—Crypto Wallets

—Crypto Exchanges and

—NFT Marketplaces.

Slow Mist: Investigation of North Korea APTs Large Scale Phishing Attack on NFT Users.

Four days later, Blockster published a synopsis of the Slow Mist investigation, which does a nice job of putting it into context.

The Blockster report also includes a list of sensible recommendations NFT collectors can use to protect themselves from phishing attacks, such as--

1. Verify websites' legitimacy before entering personal information, such as your wallet address or private key. Look for official URLs and contact information.

2. Enable two-factor authentication (2FA) for your wallet and other accounts. 2FA is an extra layer of security that requires you to enter a code from a device, such as a smartphone, to access information.

3. Beware of emails that contain links or attachments from unknown senders. Don’t click on any suspicious links or enter your information on websites you’re unfamiliar with.

4. Use strong passwords and don’t reuse them across multiple accounts. It’s also a good idea to regularly change your passwords, especially if you suspect your account may have been compromised.

5. Avoid publicly sharing your wallet address with people you know. You should also avoid public Wi-Fi networks and use a VPN when possible.

6. Make sure to spot a phishing email by looking for spelling mistakes, poor grammar, and excessive use of punctuation marks like exclamation points.

FINAL THOUGHT

I urge IP Probe Blog readers to browse the Slow Mist investigation. Besides presenting exhaustive data, it provides screenshot-samples of some of the impersonating North Korean websites.

ADDTIONAL READING

IP Probe Blog - 5/14/22 — First US/DOJ—NFT “Rug Pull” Prosecution: Part?2?of 2

IP Probe Blog - 4/29/22 — First US/DOJ—NFT “Rug Pull” Prosecution: Part 1 of 2

Disclaimer:?IPProbe.Global?is a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, regarding the content provided in?IPProbe.Global. We disclaim all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such persons and the accuracy and validity of the information provided by them. This blog is for general inform