North Korean Hackers Used Fake NFT Game to Steal Wallet Credentials: Report

Reports have emerged that bad actors allegedly tied to North Korea’s Lazarus Group executed a complex cyberattack that used a fake NFT-based game to exploit a zero-day vulnerability in Google Chrome.

According to the report, the vulnerability ultimately allowed the attackers to access people’s crypto wallets.

Exploiting Chrome’s Zero-Day Flaw

Kaspersky Labs security analysts Boris Larin and Vasily Berdnikov wrote that the perpetrators cloned a blockchain game called DeTankZone and promoted it as a multiplayer online battle arena (MOBA) with play-to-earn (P2E) elements.

According to the researchers, the attackers then embedded malicious code in the game’s website, detankzone[.]com, which infected devices that visited it without requiring any download.

The script exploited a critical bug in Chrome’s V8 JavaScript engine, letting it bypass sandbox protections and enabling remote code execution. This vulnerability allowed the suspected North Korean actors to install advanced malware called Manuscrypt, which gave them control over the victims’ systems.

Kaspersky reported the flaw to Google upon discovering it, and the tech giant addressed the issue with a security update days later. However, the hackers had already capitalized on it, suggesting a broader impact on global users and businesses.

What Larin and his security team at Kaspersky found interesting was how the attackers adopted extensive social engineering tactics. They promoted the tainted game on X and LinkedIn by engaging well-known crypto influencers to distribute AI-generated marketing material for it.

The elaborate setup also included professionally done websites and premium LinkedIn accounts, which helped create an illusion of legitimacy that attracted unsuspecting players to the game.

Lazarus Group’s Crypto Pursuits

Surprisingly, the NFT game wasn’t just a shell; it was fully functional, with gameplay elements such as logos, heads-up displays, and 3D models.

However, anyone visiting the P2E title’s malware-ridden website had their sensitive information, including wallet credentials, harvested, enabling Lazarus to execute large-scale crypto thefts.

The group has demonstrated a sustained interest in cryptocurrency over the years. In April, on-chain investigator ZachXBT connected them to more than 25 crypto hacks between 2020 and 2023, which bagged them more than $200 million.

Additionally, the U.S. Treasury Department has linked Lazarus to 2022’s infamous Ronin Bridge hack, in which they reportedly stole over $600 million in ether (ETH) and USD Coin (USDC).

Data collected by 21Shares’ parent company 21.co in September 2023 revealed that the criminal group held more than $47 million in assorted cryptocurrencies, including Bitcoin (BTC), Binance Coin (BNB), Avalanche (AVAX), and Polygon (MATIC).

In total, they are said to have stolen digital assets worth more than $3 billion between 2017 and 2023.

Wayne Jones

https://cryptopotato.com/north-korean-hackers-used-fake-nft-game-to-steal-wallet-credentials-report/

2024-10-26 18:44:56
