Lazarus Group exploited Chrome vulnerability with fake NFT game
The North Korean Lazarus Group of hackers used a fake blockchain-based game to exploit a zero-day vulnerability in Google’s Chrome browser and install spyware that stole wallet credentials. Kaspersky Labs analysts noticed the exploit in May and reported it to Google, which has fixed it.
Play at a big risk
The hackers’ play-to-earn multiplayer online battle arena game was fully playable and had been promoted on LinkedIn and X. The game was called DeTankZone or DeTankWar and used non-fungible tokens (NFTs) as tanks in a worldwide competition.
Users were infected from the website, even if they did not download the game. The hackers modeled the game on the existing DeFiTankLand.
The hackers used malware called Manuscrypt followed by a previously unknown “type confusion bug in the V8 JavaScript engine.” It was the seventh zero-day vulnerability found in Chrome in 2024 through mid-May.
Kaspersky principal security expert Boris Larin said:
“The significant effort invested in this campaign suggests they had ambitious plans, and the actual impact could be much broader, potentially affecting users and businesses worldwide.”
The fake game was noticed by Microsoft Security in February. The hackers had removed the exploit from the website before Kaspersky could analyze it. The lab informed Google of it anyway and Google fixed the vulnerability in Chrome before the hackers could use it again.
Screenshot from Lazarus Group’s fake game. Source: SecureList
North Korea loves crypto
Zero-day vulnerabilities take the vendor by surprise, with no patch ready for them. Thus, it took Google 12 days to patch the vulnerability in question.
Another zero-day vulnerability in Chrome was harnessed by another North Korean hacker group to target crypto holders earlier this year.
Source: Microsoft Threat Intelligence
Lazarus Group is fond of crypto. Between 2020 and 2023, it laundered over $200 million in crypto from 25 hacks, according to crypto crime watcher ZachXBT.
Lazarus Group was also alleged by the United States Treasury Department to be behind the attack on Ronin Bridge that netted crypto worth over $600 million in 2022.
US cybersecurity firm Recorded Future found that North Korean hackers as a whole stole over $3 billion in crypto between 2017 and 2023.