Chrome Vulnerability: North Korean Hackers Steal Cryptocurrency

MetaversePlanet

A North Korean hacker group targeted several organizations to steal cryptocurrency by exploiting an unknown vulnerability in Chrome-based browsers.

According to a report by Microsoft, the attack was detected on August 19, and the hackers were linked to a group known as “Citrine Sleet,” which is infamous for targeting the cryptocurrency industry.

The hackers exploited a bug in the Chromium engine, which powers popular browsers like Chrome and Microsoft Edge. This vulnerability was classified as a “zero-day” since it was not known to Google at the time of discovery, leaving the software manufacturer with no time to fix it. Google confirmed on August 21 that the vulnerability had been patched.

Microsoft stated that it had notified customers who were targeted and compromised but did not disclose which organizations or how many victims were affected.

Contents show
How do cryptocurrency attacks work?
You may also like this content

How do cryptocurrency attacks work?

According to researchers, Citrine Sleet targets organizations and individuals involved in managing cryptocurrencies for financial gain. To deceive individuals in the cryptocurrency industry, the group creates fake cryptocurrency trading platforms, leading victims to apply for fake jobs or download malicious cryptocurrency wallets or trading apps.

The attack begins when victims visit a website controlled by the hackers. By exploiting another vulnerability in the Windows operating system, the hackers install a rootkit (malware) on the target computer, giving them deep access to the operating system. At this point, the victim’s data is fully under the hackers’ control.

Cryptocurrencies have long been an attractive target for North Korean government-backed hackers. According to the United Nations Security Council, the North Korean regime stole $3 billion worth of cryptocurrency between 2017 and 2023. Under international sanctions, Kim Jong Un’s administration has turned to crypto theft to fund its nuclear weapons program.

What are your thoughts on this? Share your opinion in the comments!

You may also like this content


Related Articles

Exit mobile version