The hackers from the North Korean Lazarus Group installed spyware that grabbed wallet credentials by taking advantage of a zero-day vulnerability in Google Chrome through a phoney blockchain-based game. Google repaired the issue after analysts from Kaspersky Labs discovered it in May and reported it to the company.
Play at a big risk
The hacker had advertised their play-to-earn multiplayer online war arena game on X and LinkedIn, and it was completely playable. In a global competition, the game, known as DeTankZone or DeTankWar, used non-fungible tokens (NFTs) as tanks.
Even if users did not download the game, they were infected via the website. The existing DeFiTankLand served as the model for the game created by the hackers.
The hackers employed a previously unidentified “type confusion bug in the V8 JavaScript engine” after using malware known as Manuscrypt. Through mid-May 2024, it was the ninth zero-day vulnerability discovered in Chrome.
Kaspersky principal security expert Boris Larin said:
“The significant effort invested in this campaign suggests they had ambitious plans, and the actual impact could be much broader, potentially affecting users and businesses worldwide.”
In February, Microsoft Security discovered the fraudulent game. Before Kaspersky could examine the exploit, the hackers had taken it down from the website. Nevertheless, Google corrected the Chrome vulnerability before the hackers could use it again after the lab alerted them to it.
North Korea loves crypto
The vendor is caught off guard by zero-day vulnerabilities, for which there is no available patch. As a result, Google needed 12 days to fix the issue.
Another zero-day vulnerability in Chrome was used by another North Korean hacker gang to attack crypto holders earlier this year.
The Lazarus Group enjoys cryptocurrency. Crypto crime watchdog ZachXBT claims that it laundered more than $200 million in cryptocurrency from 25 hacks between 2020 and 2023.
The US Treasury Department also claimed that Lazarus Group was responsible for the 2022 attack on Ronin Bridge, which resulted in the theft of cryptocurrency valued at over $600 million.
According to research by the US cybersecurity company Recorded Future, between 2017 and 2023, North Korean hackers collectively stole more than $3 billion in cryptocurrency.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
