North Korean Hackers Target Crypto Users with Chrome Vulnerability

The North Korean hacking collective Lazarus Group is back in the headlines after exploiting a zero-day vulnerability in Google’s Chrome browser, posing a significant threat to cryptocurrency users.

The group, known for executing some of the largest cryptocurrency thefts, used the exploit to install spyware on victims’ devices, enabling the theft of cryptocurrency wallet credentials.

Kaspersky Team Detects Exploit

Security researchers at Kaspersky Labs uncovered that the Lazarus Group employed a fake play-to-earn blockchain game called DeTankZone (also known as DeTankWar) as a front for their attack. This multiplayer online battle arena game, featuring non-fungible tokens (NFTs) as tanks, was promoted on social media platforms like LinkedIn and X (formerly Twitter). While appearing legitimate, the game contained a hidden malicious script that exploited a vulnerability in Chrome. Merely visiting the site triggered the infection, allowing attackers to gain full control of the victim’s device.

According to Kaspersky, the first instance of this exploit was detected on May 13, 2024, when a Manuscrypt infection was found on a Russian individual’s computer. Kaspersky quickly reported the exploit to Google, which acted swiftly to patch the vulnerability.

High-Stakes Cyber Campaign

Boris Larin, principal security expert at Kaspersky Labs, remarked on the scale and ambition of this attack, saying, “The significant effort invested in this campaign suggests they had ambitious plans, and the actual impact could be much broader, potentially affecting users and businesses worldwide.”

The Lazarus Group’s strategy centered on exploiting a zero-day vulnerability, a security flaw that is unknown to the software vendor at the time it is being exploited. This marked the seventh such vulnerability discovered in Chrome in 2024, underscoring cybercriminals’ increasing focus on widely used browsers.

Google’s Response and Broader Implications

Google responded promptly by patching the vulnerability within 12 days and taking additional measures, including blocking the website associated with DeTankZone and others linked to the campaign. Users attempting to access these sites are now warned of their malicious nature, even if they aren’t using Kaspersky products.

The frequency of zero-day attacks, such as those executed by the Lazarus Group, highlights a growing security challenge. Zero-day vulnerabilities are particularly dangerous because they remain unpatched for a period, leaving even fully updated systems vulnerable. This attack mirrors a similar exploit earlier in 2024, when another North Korean hacking group used a different Chrome vulnerability to target cryptocurrency holders.
