Lazarus APT exploited zero-day vulnerability in Chrome to steal cryptocurrency

Reported By: ST Report Posting Time: 2024-10-25 01:34:37 Category: Business News

Kaspersky Global Research and Analysis Team (GReAT) uncovered a sophisticated malicious campaign by the Lazarus Advanced Persistent Threat (APT) group, targeting cryptocurrency investors worldwide. The attackers used a fake cryptogame website that exploited a zero-day vulnerability in Google Chrome to install spyware and steal wallet credentials. These findings were presented at the Security Analyst Summit 2024 in Bali.
In May 2024, Kaspersky experts identified an attack using Manuscrypt malware, associated with the Lazarus group, while analyzing incidents in Kaspersky Security Network telemetry. Lazarus has a history of targeting cryptocurrency platforms and using zero-day exploits. This newly uncovered campaign exploited two vulnerabilities, including a zero-day type confusion bug in V8, Google's open-source JavaScript engine, later fixed as CVE-2024-4947. Attackers bypassed Google Chrome's V8 sandbox protection through a fake NFT game website, designed with social engineering techniques and generative AI to target cryptocurrency investors.
Lazarus created social media accounts on X (formerly Twitter) and LinkedIn to promote the game, using AI-generated images and even engaging cryptocurrency influencers to distribute the threat. The group replicated a legitimate game, stealing its source code and altering logos, leading to the theft of US$20,000 from the original developers' crypto wallet.