{"id":21421,"date":"2024-10-25T05:42:14","date_gmt":"2024-10-25T05:42:14","guid":{"rendered":"https:\/\/www.bitrabo.com\/discover\/?p=21421"},"modified":"2024-10-25T05:42:14","modified_gmt":"2024-10-25T05:42:14","slug":"lazarus-group-launches-blockchain-game-aimed-at-hijacking-chrome-for-cryptocurrency-theft","status":"publish","type":"post","link":"https:\/\/www.bitrabo.com\/discover\/lazarus-group-launches-blockchain-game-aimed-at-hijacking-chrome-for-cryptocurrency-theft\/","title":{"rendered":"Lazarus Group Launches Blockchain Game Aimed at Hijacking Chrome for Cryptocurrency Theft"},"content":{"rendered":"\n<p>A cybersecurity company reported that a well-known group of hackers from North Korea managed to steal $3 billion in cryptocurrencies using a deceptive blockchain game. According to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/securelist.com\/lazarus-apt-steals-crypto-with-a-tank-game\/114282\/\">Kaspersky Lab<\/a>, the Lazarus Group exploited a serious flaw in the Google Chrome browser to access and drain the crypto wallets of unsuspecting users.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Lazarus_Groups_3_Billion_Crypto_Theft\"><\/span><strong>Lazarus Group&#8217;s $3 Billion Crypto Theft<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>This North Korean hacking group is said to have used the fraudulent game to amass over $3 billion in cryptocurrency, conducting this operation from 2016 to 2022.<\/p>\n<p>This massive theft highlights a significant security oversight in Google\u2019s Chrome browser, which failed to fix the vulnerability that was exploited.<\/p>\n<p>Additionally, a blockchain investigator found that the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/lazarus-group-exploits-chrome-zero-day-campaign\">Lazarus Group<\/a> was behind 25 separate hacking incidents, successfully laundering $200 million in crypto.<\/p>\n<p>Furthermore, there is evidence of a team of North Korean developers engaged with \u201cestablished\u201d cryptocurrency initiatives, reportedly earning a monthly salary of $500,000.<\/p>\n<p><\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_Questionable_Gaming_Strategy\"><\/span><strong>The Questionable Gaming Strategy<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Kaspersky Labs analysts Vasily Berdnikov and Boris Larin noted that the Lazarus Group launched a phony game known as DeTankZone (or DeTankWar), which focused on Non-Fungible Tokens (NFTs) to manipulate and steal from its victims.<\/p>\n<p>The hackers cleverly used the zero-day <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.scworld.com\/brief\/fraudulent-defi-game-leveraged-in-new-crypto-investor-targeted-lazarus-attack\">vulnerability in Google Chrome<\/a> to execute their malicious plan.<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" data-recalc-dims=\"1\" class=\"aligncenter size-full wp-image-333655\" src=\"https:\/\/www.bitrabo.com\/discover\/wp-content\/uploads\/2024\/10\/Lazarus-Group-Unleashes-Blockchain-Game-To-Exploit-Chrome-And-Steal.png\" alt=\"\" width=\"1024\" height=\"540\" \/><\/p>\n<p>Berdnikov and Larin explained that the hackers lured individuals to a harmful website through the fake game, where they introduced malware known as Manuscript into the victims&#8217; systems.<\/p>\n<p>This malware compromised Chrome\u2019s memory, allowing the hackers to acquire usernames, authorization tokens, and other critical information necessary for stealing cryptocurrency from their targets.<\/p>\n<p><strong>12 Days to Address the Vulnerability<\/strong><\/p>\n<p>Kaspersky Lab analysts detected the Lazarus Group&#8217;s activities in May and promptly notified Google about the vulnerability to aid in its resolution.<\/p>\n<p>However, Google took <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/thehackernews.com\/2024\/10\/lazarus-group-exploits-google-chrome.html\">12 days to fix this zero-day flaw<\/a>.<\/p>\n<p>Boris Larin, a principal security expert at Kaspersky Lab, underscored that the considerable resources dedicated to this hacking campaign suggest that the group has extensive future plans.<\/p>\n<p>He cautioned that the implications of their actions might be more significant than initially assumed.<\/p>\n<p>This situation serves as a reminder that the fight against cybercriminals is ongoing. The vulnerabilities in Chrome highlight the need for regular upgrades to security measures and increased vigilance against cybersecurity threats.<\/p>\n<p><em>Image from Le Parisien, chart data from TradingView<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A cybersecurity company reported that a well-known group of hackers from North Korea managed to steal $3 billion in cryptocurrencies using a deceptive blockchain game. According to Kaspersky Lab, the Lazarus Group exploited a serious flaw in the Google Chrome browser to access and drain the crypto wallets of unsuspecting users. Lazarus Group&#8217;s $3 Billion [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":21422,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"slim_seo":{"title":"Lazarus Group Launches Blockchain Game Aimed at Hijacking Chrome for Cryptocurrency Theft - Bitrabo","description":"A cybersecurity company reported that a well-known group of hackers from North Korea managed to steal $3 billion in cryptocurrencies using a deceptive blockchai"},"footnotes":""},"categories":[316],"tags":[686,9765,4566,504,1293,2119,1065,3666,5380,1795,2726],"class_list":["post-21421","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-news","tag-blockchain","tag-blockchain-game","tag-chrome","tag-crypto","tag-exploit","tag-game","tag-group","tag-lazarus","tag-lazarus-group","tag-steal","tag-unleashes"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/posts\/21421","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/comments?post=21421"}],"version-history":[{"count":0,"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/posts\/21421\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/media\/21422"}],"wp:attachment":[{"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/media?parent=21421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/categories?post=21421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bitrabo.com\/discover\/wp-json\/wp\/v2\/tags?post=21421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}