Targeting of non-fungible token (NFT) owners

Date of report

December 2022

Affiliations

Lazarus Group

Lazarus Group targeted the owners of non-fungible tokens in a phishing campaign. The phishing sites allowed Lazarus to drain victims' accounts of both NFTs and cryptocurrencies.

Suspected victims

NFT owners and NFT storage services

Suspected state sponsor

Korea (Democratic People's Republic of)

Type of incident

Financial Theft

Target category

Private sector

Victim government reaction

Unknown

Policy response

Unknown

Suspected state sponsor response

Unknown

SlowMist: Investigation of North Korean APT’s Large-Scale Phishing Attack on NFT Users

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events