Crypto News

North Korean Hackers Used Fake NFT Game to Steal Wallet Credentials: Report

North Korean Hackers Used Fake NFT Game to Steal Wallet Credentials: Report
© Copyright Image: CryptoPotato

Reports have emerged that bad actors allegedly tied to North Koreas Lazarus Group executed a complex cyberattack that used a fake NFT-based game to exploit a zero-day vulnerability in Google Chrome.

According to the report, the vulnerability ultimately allowed the attackers to access peoples crypto wallets.

Exploiting Chromes Zero-Day Flaw

Kaspersky Labs security analysts Boris Larin and Vasily Berdnikov wrote that the perpetrators cloned a blockchain game called DeTankZone and promoted it as a multiplayer online battle arena (MOBA) with play-to-earn (P2E) elements.

Per the experts, they then embedded a malicious code within the games website, detankzone[.]com, infecting devices that interacted with it, even without any downloads.

The script exploited a critical bug in Chromes V8 JavaScript engine, letting it bypass sandbox protections and enabling remote code execution. This vulnerability allowed the suspected North Korean actors to install an advanced malware called Manuscrypt, which gave them control over the victims systems.

Kaspersky reported the flaw to Google upon discovering it. The tech giant then addressed the issue with a security upgrade days later. However, the hackers had already capitalized on it, suggesting a broader impact on global users and businesses.

What Larin and his security team at Kaspersky found interesting was how the attackers adopted extensive social engineering tactics. They promoted the tainted game on X and LinkedIn by engaging well-known crypto influencers to distribute AI-generated marketing material for it.

The elaborate setup also included professionally done websites and premium LinkedIn accounts, which helped create an illusion of legitimacy that attracted unsuspecting players to the game.

Lazarus Groups Crypto Pursuits

Surprisingly, the NFT game wasnt just a shell; it was fully functional, with gameplay elements such as logos, heads-up displays, and 3D models.

However, anyone visiting the P2E titles malware-ridden website had their sensitive information, including wallet credentials, harvested, enabling Lazarus to execute large-scale crypto thefts.

The group has demonstrated a sustained interest in cryptocurrency over the years. In April, on-chain investigator ZachXBT connected them to more than 25 crypto hacks between 2020 and 2023, which bagged them more than $200 million.

Additionally, the U.S. Treasury Department has linked Lazarus to 2022s infamous Ronin Bridge hack, in which they reportedly stole over $600 million in ether (ETH) and USD Coin (USDC).

Data collected by 21Shares parent company 21.co in September 2023 revealed that the criminal group held more than $47 million in assorted cryptocurrencies, including Bitcoin (BTC), Binance Coin (BNB), Avalanche (AVAX), and Polygon (MATIC).

In total, they are said to have stolen digital assets worth more than $3 billion between 2017 and 2023.

The post North Korean Hackers Used Fake NFT Game to Steal Wallet Credentials: Report appeared first on CryptoPotato.

Read more: https://cryptopotato.com/north-korean-hackers-used-fake-nft-game-to-steal-wallet-credentials-report/

Text source: CryptoPotato

Disclaimer: Financial information and news are not financial advice, read the disclaimer.
Buy & sell Crypto in minutes

Join BINANCE!

The world's largest crypto exchange

You're just steps away from receiving your reward.

The most complete Crypto News Center.

Search Stories:

Latest top stories