Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
Lazarus Group exploits Chrome flaw with fake NFT game

Lazarus Group exploits Chrome flaw with fake NFT game

GrafaGrafa2024/10/24 04:35
By:Isaac Francis

The North Korean Lazarus Group has leveraged a zero-day vulnerability in Google’s Chrome browser to install spyware via a fraudulent blockchain-based game. 

Kaspersky Labs analysts identified the exploit in May and subsequently notified Google, which has since resolved the issue. 

The fake play-to-earn multiplayer online battle arena game, named DeTankZone or DeTankWar, was fully functional and promoted on platforms like LinkedIn and X. 

It featured non-fungible tokens (NFTs) as tanks in a global competition, enticing users to participate. 

However, even those who did not download the game were at risk, as the hackers infected users directly through the game’s website. 

This operation mirrored the existing DeFiTankLand project. 

Utilising malware known as Manuscrypt, the Lazarus Group took advantage of a new type confusion bug in the V8 JavaScript engine, marking it as the seventh zero-day vulnerability discovered in Chrome in 2024 by mid-May. 

Kaspersky's principal security expert Boris Larin commented, “The significant effort invested in this campaign suggests they had ambitious plans, and the actual impact could be much broader, potentially affecting users and businesses worldwide.” 

Microsoft Security first detected the fake game in February, but by the time Kaspersky could analyse it, the hackers had already removed the exploit from their website. 

Despite this, Kaspersky informed Google, which promptly patched the vulnerability, preventing further exploitation. 

Zero-day vulnerabilities can take the vendor by surprise, lacking any ready patches, which in this case led to a 12-day period before Google could fix the issue. 

This incident follows another instance earlier in the year where a different North Korean hacker group exploited a similar vulnerability targeting cryptocurrency holders. 

The Lazarus Group has a history of engaging in cybercrime, having laundered over $200 million in cryptocurrency from various hacks between 2020 and 2023. 

The group is also linked to the 2022 attack on Ronin Bridge, which netted over $600 million in crypto, according to the U.S. Treasury Department. 

Overall, North Korean hackers have reportedly stolen more than $3 billion in crypto from 2017 to 2023.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

241122: XRP Price Surges 25% as Headwinds for Ripple Clear Even More

XRP is closely-related to Ripple Labs, a high-profile payments company targeted by the SEC since 2020 on allegations of selling the token as a security to U.S. investors. Ripple fully cleared a long-drawn court case in 2024, bringing the spotlight back on XRP, a major token that commands a $77 bill

Bitget Academy2024/11/22 05:49