As a seasoned cybersecurity analyst with over two decades of experience under my belt, I must say that this latest report on the Lazarus Group’s $3 billion crypto heist is nothing short of breathtaking. It seems like North Korea’s notorious hackers have outdone themselves yet again, managing to exploit a vulnerability in the Google Chrome browser for six long years, draining the digital wallets of unsuspecting victims through a deceptive blockchain game.
Yesterday, it was reported that a notorious hacking group originating from North Korea managed to steal approximately $3 billion in cryptocurrency from users by creating a deceitful blockchain game. According to Kaspersky Lab, the Lazarus Group exploited a significant weakness in the Google Chrome browser, enabling them to empty the digital wallets of their targets.
Lazarus Group: $3 Billion Crypto Heist
Over a six-year span from 2016 to 2022, it’s been reported that North Korean hackers pulled off a stealthy heist, amassing over $3 billion in cryptocurrency using a deceptive video game.
The robbery that occurred was a result of Google not fixing a weakness in the Chrome browser on time.
During a different probe, a blockchain investigator discovered evidence suggesting that the Lazarus Group carried out approximately 25 cyber-attacks, successfully laundering an estimated $200 million in cryptocurrency.
Additionally, it was discovered that there’s a group of programmers based in North Korea who are involved with well-known digital currency ventures. It’s claimed that this team receives a substantial monthly salary of approximately five hundred thousand dollars.
The Dubious Game Plan
Vasily Berdnikov and Boris Larin, experts from Kaspersky Labs, stated that the Lazarus Group devised a counterfeit game named either DeTankZone or DeTankWar, which is centered around Non-Fungible Tokens (NFTs). Their aim with this game is to drain the digital wallets of their unsuspecting targets.
It was discovered by analysts that the hackers exploited an unknown weakness (zero-day vulnerability) in the Google Chrome browser during their deceitful action.
Berdnikov and Larin disclosed that hackers deceived their targets by presenting a bogus game, subsequently guiding them towards a harmful site. This site introduced a type of malware, named Manuscript, into the victims’ computers.
By exploiting the Manuscript, hackers successfully contaminated Chrome’s memory, thereby granting them access to users’ passwords, authentication keys, and all other necessary information for clandestinely stealing their unsuspecting victims’ cryptocurrency.
12 Days To Solve The Issue
In May, Kaspersky Lab experts uncovered activities by the Lazarus Group. Without delay, Berdnikov and Larin communicated this problem to Google, enabling them to address the security loophole swiftly.
Yet, Google found themselves caught off guard by the zero-day vulnerability, requiring them a full 12 days to rectify the issue.
Boris Larin, a leading security specialist at Kaspersky Lab, suggested that the significant resources devoted to this hacking operation imply that the group behind it harbors grand ambitions.
Larin noted that what the group has done might have broader impact than previously thought.
The Lazarus Group serves as a constant reminder that the fight against cyber attacks persists. Google Chrome’s vulnerabilities underscore the importance of consistently updating security protocols and staying alert to potential cyber threats.
Read More
- Tips For Running A Gothic Horror Campaign In D&D
- FIS PREDICTION. FIS cryptocurrency
- Luma Island: All Mountain Offering Crystal Locations
- EUR CAD PREDICTION
- LUNC PREDICTION. LUNC cryptocurrency
- 13 EA Games Are Confirmed to Be Shutting Down in 2025 So Far
- DCU: Who is Jason Momoa’s Lobo?
- How to Claim Entitlements In Freedom Wars Remastered
- Some Atlus Fans Want Snowboard Kids to Make a Comeback
- OSRS: Best Tasks to Block
2024-10-25 08:41