Lazarus Group exploits Chrome flaw with fake NFT game
The North Korean Lazarus Group has leveraged a zero-day vulnerability in Google’s Chrome browser to install spyware via a fraudulent blockchain-based game.
Kaspersky Labs analysts identified the exploit in May and subsequently notified Google, which has since resolved the issue.
The fake play-to-earn multiplayer online battle arena game, named DeTankZone or DeTankWar, was fully functional and promoted on platforms like LinkedIn and X.
It featured non-fungible tokens (NFTs) as tanks in a global competition, enticing users to participate.
However, even those who did not download the game were at risk, as the hackers infected users directly through the game’s website.
This operation mirrored the existing DeFiTankLand project.
Utilising malware known as Manuscrypt, the Lazarus Group took advantage of a new type confusion bug in the V8 JavaScript engine, the seventh zero-day vulnerability discovered in Chrome in 2024 by mid-May.
Kaspersky's principal security expert Boris Larin commented, “The significant effort invested in this campaign suggests they had ambitious plans, and the actual impact could be much broader, potentially affecting users and businesses worldwide.”
Microsoft Security first detected the fake game in February, but by the time Kaspersky could analyse it, the hackers had already removed the exploit from their website.
Despite this, Kaspersky informed Google, which promptly patched the vulnerability, preventing further exploitation.
Zero-day vulnerabilities can take the vendor by surprise because no patch is ready when exploitation begins; in this case it took 12 days before Google could fix the issue.
This incident follows another earlier in the year, in which a different North Korean hacker group exploited a similar vulnerability to target cryptocurrency holders.
The Lazarus Group has a history of engaging in cybercrime, having laundered over $200 million in cryptocurrency from various hacks between 2020 and 2023.
The group is also linked to the 2022 attack on Ronin Bridge, which netted over $600 million in crypto, according to the U.S. Treasury Department.
Overall, North Korean hackers have reportedly stolen more than $3 billion in crypto from 2017 to 2023.