The Lazarus Group, a North Korean hacking collective, recently exploited a vulnerability in Google Chrome by using a fake NFT game to lure victims. This attack was part of a broader effort by the group, known for targeting cryptocurrency users.
In this instance, the hackers created a seemingly legitimate website promoting an NFT-based multiplayer tank game, encouraging visitors to download a trial version.
Once users accessed the site, a hidden script exploited a zero-day vulnerability in Chrome, allowing malware to be secretly installed on their computers. This malware gave the hackers control over the victims’ systems, enabling them to steal sensitive data, including cryptocurrency wallet credentials.
Cybersecurity and antivirus company Kaspersky later detected the malware on an individual’s computer in Russia. This was unusual, as the Lazarus Group typically targets large organizations. This case underscores the importance of updating browsers and security software to avoid similar attacks.
The Lazarus Group is a North Korean cybercrime organization active since at least 2009. Initially recognized for its sophisticated attacks on financial institutions and government entities, the group has evolved its strategies over the years, particularly focusing on the cryptocurrency sector.
Their operations have garnered global attention due to their advanced techniques and significant financial impact.
One of the most notorious incidents attributed to the Lazarus Group was the 2014 Sony Pictures hack, which led to the theft and public release of sensitive data. More recently, they have shifted their focus to the cryptocurrency sector, exploiting vulnerabilities to steal vast sums of money.
Reports indicate they have been involved in hacking incidents that have collectively stolen billions of dollars, including an estimated $1.7 billion from crypto-related operations between 2017 and 2021.
The group operates through several subgroups, of which BlueNoroff is one of the more notable, focused on financial gain, particularly through cryptocurrency theft. They have demonstrated a high level of sophistication in their attacks, often using advanced malware and phishing techniques to gain access to users’ systems.
Their recent exploits include creating fake websites that mimic legitimate cryptocurrency platforms or games and tricking users into downloading malware that compromises their personal information and financial assets.