A notorious group of North Korean hackers, Lazarus, recently deployed a sneaky method to spread malware by exploiting a flaw in Google Chrome. According to cybersecurity firm Kaspersky, these attackers set up a fake NFT game site to spread malicious software called “Manuscrypt.”
The Attack Strategy
The hackers created a bogus “play-to-earn” NFT game called “DeTankZone,” luring users in with the promise of rewards through battles with NFT tanks.
This was simply a ruse. Once users accessed the site using Chrome, an undisclosed vulnerability allowed the hackers to execute code remotely and secretly install malware on their devices. Google was alerted to the issue in May and quickly issued a patch, though only a limited number of attacks were recorded.
Building a Deceptive Front
To attract more users, the hackers also established fake social media profiles under usernames like @collectspin and @DeTankZone to promote the game.
These accounts urged users to message them directly, a common tactic to get people to interact and unknowingly download malicious files. One profile, likely a hacked account, amassed over 6,000 followers, adding legitimacy to the scheme.
More Than Just a Scam
To make the operation seem authentic, Lazarus hackers even used a real game—created with Unity—from a crypto project called “DeFiTankLand.”
Although researchers managed to download a “beta” version of the game, it was basic and buggy, similar to older shareware games, and offered none of the promised rewards. Players received no NFTs or cryptocurrency but left their computers exposed to malware.
The Chrome Exploit
This Chrome vulnerability arose due to a new compiler, Maglev, introduced in late 2022 to speed up Chrome’s code processing. A programming glitch caused a “type confusion” error, which attackers took advantage of in Chrome version 117.
The Rise of Cyber Theft
For North Korea, cryptocurrency theft is a key income stream. Last year alone, North Korean hackers reportedly stole over $600 million in cryptocurrency, contributing to a total of $3 billion since 2017.
This incident shows how hackers exploit popular platforms and fake online games to lure users. Staying cautious about unknown online activities and keeping software up to date are essential defenses against such cyber threats.
Google’s rapid response with a Chrome update addressed this exploit, underlining the importance of regular software updates to stay secure in an ever-evolving threat landscape.