North Korean Hackers Exploit Chrome Vulnerability with Fake NFT Game to Steal Crypto Wallets

North Korean hackers exploited a zero-day Chrome vulnerability through a fake NFT game, stealing wallet credentials. The exploit targeted users globally and was identified by Kaspersky Labs in May 2024.

A North Korean cyber group, identified as the notorious Lazarus Group, exploited a zero-day vulnerability in Google Chrome to launch a cyberattack on crypto wallet holders using a fake NFT-based game. Kaspersky Labs first discovered the hack in May 2024 and promptly reported the issue to Google. The vulnerability has since been resolved.

The Fake NFT Game Exploit

The attackers promoted a play-to-earn multiplayer online game called DeTankZone, also referred to as DeTankWar, which utilized non-fungible tokens (NFTs) as in-game assets. The game, fully playable and blockchain-based, was designed to attract unsuspecting players by offering NFTs as vehicles in global competitions. However, even users who did not download the game were affected, as visiting the website could infect their systems with spyware.

The malware, named Manuscrypt, took advantage of a previously unknown flaw—referred to as a “type confusion bug”—in Chrome’s V8 JavaScript engine. This flaw allowed the hackers to steal wallet credentials from crypto users who interacted with the game or visited its website.

Zero-Day Vulnerability in Chrome

The exploitation of this zero-day vulnerability was the seventh of its kind discovered in Chrome by mid-2024. A zero-day vulnerability refers to a flaw that is exploited by attackers before developers are aware of it or have issued a fix, leaving systems exposed. According to Boris Larin, a principal security expert at Kaspersky, the level of sophistication demonstrated in this campaign suggests the hackers had “ambitious plans,” with potential widespread impacts.

The vulnerability remained open for 12 days before Google successfully patched it in Chrome, preventing further exploitation by the hackers.

Lazarus Group’s History with Crypto Attacks

This attack is one of many attributed to Lazarus Group, a well-known North Korean hacking collective. The group has consistently targeted cryptocurrency exchanges, wallets, and blockchain platforms. Between 2020 and 2023, Lazarus is estimated to have laundered over $200 million in cryptocurrency from 25 different breaches, according to blockchain crime analyst ZachXBT.

Lazarus Group has a notorious history with high-profile crypto heists. In 2022, they were held responsible for the Ronin Bridge hack, which led to the theft of over $600 million in crypto assets. Between 2017 and 2023, North Korean hackers reportedly seized more than $3 billion in cryptocurrency, contributing to their reputation as one of the world’s most dangerous cybercrime entities.

Ongoing Threat and Response

Kaspersky Labs confirmed that although the hackers removed the game's exploit, the discovery was reported in time to prevent further damage. Microsoft Security had previously identified the fraudulent game in February, but it wasn't until Kaspersky's analysis that the full scope of the vulnerability became apparent.

This attack highlights the growing sophistication of cybercriminals targeting the crypto ecosystem. North Korea’s interest in cryptocurrency remains a persistent threat, with Lazarus Group at the forefront of such operations. As crypto adoption rises, both individuals and businesses must remain vigilant, particularly regarding zero-day vulnerabilities and other sophisticated cyberattacks.
