Attackers pose as NFT creators, offer business partnerships, and trick victims into downloading malware.
Over the past week, digital artists and non-fungible token (NFT) creators have been at the centre of a malicious campaign in which attackers try to steal the money they have earned.
The attacks started last week and continued over the weekend. They became known after the affected artists began to actively report on Twitter that funds were stolen from their private cryptocurrency wallets.
Using a number of fake identities, the attackers reportedly impersonate the creators of the NFT, offer business partnerships, and trick victims into downloading and running malicious file onto their computers. This file is disguised as a Windows screensaver (.SCR).
Security researcher Bart Blaze examined one of these SCR files and found that it was configured to temporarily install on the computers of victims of the Redline malware. The malware does not have a mechanism for maintaining persistence on the system, that is, after restarting the computer, it does not remain on it. Nevertheless, this does not prevent Redline from acting with lightning speed – the malware is able to collect and steal all user data in just a few minutes. In particular, it can steal browser credentials and configuration files for cryptocurrency wallets, including browser extensions.
As a result of one of these attacks, the attackers stole 40 thousand AXS tokens from the victim in the amount of $ 176 thousand. Others lost smaller amounts, but the damage, albeit insignificant, is still damage.
NFT is a type of cryptographic token, each instance of which is unique (specific) and cannot be exchanged or replaced with another similar token, although usually, tokens are fungible in nature. NFTs are used across multiple platforms to prove ownership and use of digital assets. Most often, we are talking about digital items, such as copies of computer art, digital collectable items, online games.
Catch up on more stories here
Follow us on Facebook here