North Korean Hackers Exploit Zero-Day Chrome Vulnerability through Fake Blockchain Game
The Deceptive Game Scheme
A Clever Ploy by Hackers
A group of North Korean hackers, known as the Lazarus Group, managed to exploit a zero-day vulnerability in Google’s Chrome browser by luring users through a fake blockchain-based game. The multiplayer online battle arena game, named DeTankZone or DeTankWar, enticed users with the promise of non-fungible tokens (NFTs) and worldwide competition. Despite appearing fully playable, the game was a facade to deploy spyware that stole wallet credentials.
The Malicious Malware
A Significant Security Breach
The hackers used a type confusion bug in the V8 JavaScript engine, together with malware named Manuscrypt, to target unsuspecting users who accessed the game website. This marked the seventh zero-day vulnerability discovered in Chrome leading up to mid-May 2024. Kaspersky Labs’ principal security expert, Boris Larin, underscored the gravity of the cyber campaign, hinting at potentially severe ramifications for users and businesses globally.
North Korea’s Affinity for Crypto
A Troubling Trend
Zero-day vulnerabilities like the one exploited by the Lazarus Group can catch vendors off guard, delaying the release of patches. In this case, Google took 12 days to address the vulnerability, a gap that emphasizes the persistent threat posed by cyberattacks. This incident follows another earlier in the year, in which a different North Korean hacker group leveraged a zero-day Chrome vulnerability to target cryptocurrency holders, underscoring the country’s keen interest in crypto-related cyber activities.
The Lazarus Group is notorious for extensive cryptocurrency money laundering, having laundered over $200 million from 25 hacks between 2020 and 2023, as documented by crypto crime watchdog ZachXBT. The group was also implicated in the high-profile Ronin Bridge attack in 2022, which yielded crypto assets exceeding $600 million. A report from US cybersecurity firm Recorded Future highlighted the staggering scale of cryptocurrency theft by North Korean hackers, estimating a total haul of over $3 billion between 2017 and 2023.