🔥Early Access List: Land A High Paying Web3 Job In 90 Days LEARN MORE

North Korean hacking gang used unknown bug in Chrome to steal crypto

In this post:

  • A Microsoft cybersecurity research team unearthed the anomaly in a report published on Friday.
  • The hacking gang was affiliated to Citrine Sleet, known for targeting the crypto industry.
  • The hackers took advantage of a bug in browsers like Microsoft’s Edge and Chrome.

A North Korean gang took advantage of a previously unknown bug in Chrome to target organizations and steal their cryptocurrency, a team of Microsoft researchers revealed in a report.

According to the report published on Friday, Microsoft’s cybersecurity researchers first learned of the hackers’ misdemeanors on August 19. The report further states that the gang was affiliated to Citrine Sleet, which is known for targeting the crypto industry and financial service providers in general.

The hackers took advantage of flaws in browsers

This comes as cryptocurrency has become a hot target for North Korean government hackers for years, with the UN Security Council estimating that $3 billion in crypto was stolen between 2017 and 2023, according to a TechCrunch article.

According to the Microsoft researchers, the gang of hackers took advantage of a vulnerability in a core engine within Chromium, which is the underlying code for Chrome and other popular browsers like Microsoft’s Edge.

The report further explains that when the hackers exploited the flaws in the browsers, it was zero-day, which means that Google as the software maker was not aware of the bug. According to a TechCrunch article, the team then had zero time to issue a fix before the bug ‘s exploitation.

Google fixed the bug two days later on the 21st of August, as per the researchers’ explanations.

See also  Ripple CEO: 'Japan’s leaders are committed to advancing crypto'

According to TechCrunch, Google spokesperson Scott Westover said the tech giant had fixed the bug, but without giving further details.

Peers, Microsoft revealed it had notified “targeted and compromised customers” although it could not provide more information on the set target, nor how many targets and victims were targeted by this “hacking spree.”

Its spokesperson Chris Williams refused to divulge the number of organizations affected by this malpractice.

North Korean gang targets financial services

According to the researchers, Citrine Sleet is based in North Korea and mostly targets financial services providers and individuals who manage cryptocurrency for profit and the group “has conducted extensive reconnaissance of the cryptocurrency industry and individuals associated with it” as part of its social engineering techniques.

“The threat actor creates fake websites masquerading as legitimate cryptocurrency trading platforms and uses them to distribute fake job applications or lure targets into downloading a weaponized cryptocurrency wallet or trading application based on legitimate applications,” reads part of the report.

“Citrine Sleet most commonly infects targets with the unique trojan malware it developed, AppleJeus, which collects information necessary to seize control of the targets’ cryptocurrency assets.”

Microsoft Report.

As for the North Korean hackers, the researchers revealed that they started off by tricking a victim to visit a web domain under their control. The report further explains that due to another vulnerability in the Windows Kernel, the hackers managed to install malware with deep access to the operating system on the victim’s device. The hackers gained total control of the victim’s data and device.

See also  VanEck to liquidate Ethereum futures ETF, citing growing demand for spot alternative

According to TechCrunch, due to tight international sanctions, the regime in North Korea has turned to illicit crypto activities to fund its nuclear weapons.

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Donald Trump pledges 100% tariff on countries abandoning the dollar
Cryptopolitan
Subscribe to CryptoPolitan

Interested in launching your Web3 career and landing a high-paying job in 90 days?

Leading industry experts show you how with this bran new course: Crypto Career Launchpad

Join the early access list below and be the first to know when the course opens its doors. You’ll also save $100’s off the regular launch price.