Journey of a Crypto Scammer - NFT-001

Threat actors are paying attention to the growth of the non-fungible token (NFT) market. Using investor interest in NFTs and cryptocurrency as an entry point for phishing attacks, cybercriminals are increasingly deploying credential-stealing malware to hijack crypto accounts and steal cryptocurrencies and other digital assets. 

Last year, Morphisec Labs encountered and fully disclosed the inner workings behind the Babadeda Crypter, a dynamic new threat aimed at blockchain investors on the Discord app.

In this report, we pick up where we left off in November 2021, taking a closer look at the attacker’s motivations, infrastructure, and activities. We also explain why traditional signature and behavior-based detection tools are not able to protect against these types of campaigns and how Moving Target Defense technology can keep your devices safe from this dangerous threat.