North Korean hackers use 500 phishing domains to steal NFTs.
According to a recent report, North Korean hackers associated with the cybercrime organisation 'Lazarus Group' are behind a huge phishing campaign that targets investors in non-fungible tokens (NFTs) and uses 500 phishing domains to trick victims.
Cointelegraph cited the research as saying that the tactics employed by North Korean Advanced Persistent Threat (APT) groups to part NFT investors from their NFTs include deploying bogus websites that imitate various NFT-related platforms and projects.
One of these phoney websites posed as a World Cup initiative, and others mimicked well-known NFT marketplaces like OpenSea, X2Y2, and Rarible. One of the tactics was the 'malicious mint', which deceived victims into believing they were minting a real NFT by linking their wallet to the website.
The analysis also revealed that many phishing websites shared an Internet Protocol (IP) address, with 320 NFT phishing websites using a distinct IP and 372 NFT phishing websites sharing the same IP.
Other phishing methods included capturing visitor data and saving it to external websites, as well as adding images to the projects that were being targeted.
According to the research, one phishing address alone obtained 1,055 NFTs and made a profit of 300 Ethereum (ETH), totalling $367,000. According to Cointelegraph, among these phoney websites are several that pose as World Cup projects and others that imitate well-known NFT marketplaces like OpenSea, X2Y2, and Rarible.
On December 22, South Korea's National Intelligence Service (NIS) revealed that North Korea has stolen cryptocurrencies worth $620 million this year alone. According to Cointelegraph, the National Police Agency of Japan sent a warning to the country's crypto-asset enterprises in October, advising them to be aware of the North Korean hacking outfit.