Lazarus Group’s strategy relies on impersonating reputable investment institutions through fake Telegram accounts. The group specifically targets high-profile DeFi project teams, posing as potential investors to open a conversation. It then persuades the project team to download malicious scripts under the guise of setting up meetings. These scripts give the attackers remote access, which they use to steal funds.
The group uses two primary methods for their attacks: malicious meeting links and deceptive Calendly links. The former involves invitations to meetings hosted on suspicious domains, while the latter integrates malware into Calendly event pages. SlowMist issued a warning on November 30, 2023, about the evolving phishing strategies of the Lazarus Group.
To stay secure in the Web3 environment, SlowMist recommends thoroughly verifying new Telegram contacts, enabling two-factor authentication (2FA) on Telegram, and scrutinizing transaction details. If malware is suspected, it recommends acting immediately: disconnecting from the internet, conducting virus scans, changing passwords, and transferring funds from compromised digital wallets. These measures are essential to mitigate the substantial risks associated with these sophisticated phishing attempts.
Source: Cyber Security News