A cybersecurity company reported yesterday that a group of notorious hackers from North Korea was able to steal $3 billion in cryptocurrency from users by creating a fake blockchain game. According to Kaspersky Lab, the Lazarus Group exploited a key vulnerability in the Google Chrome browser that allowed them to drain their victims’ crypto wallets.
Lazarus Group: $3 Billion Crypto Heist
It was reported that the North Korean hackers used the fake game to steal more than $3 billion worth of cryptocurrency – an operation that the group successfully carried out within a period of six years, from 2016 to 2022.
The heist is the adverse result of Google’s failure to patch a vulnerability in the Chrome browser.
Meanwhile, a blockchain detective conducting a separate investigation discovered that the Lazarus group carried out 25 hacking attacks, laundering $200 million worth of crypto.
The investigation also revealed the existence of a network of developers in North Korea working for ‘established’ cryptocurrency projects. The network reportedly gets a monthly salary of $500,000.
The questionable game plan
Kaspersky Lab analysts Vasily Berdnikov and Boris Larin said the Lazarus Group created a fake game called DeTankZone or DeTankWar that revolves around Non-Fungible Tokens (NFTs) to drain their victims’ crypto wallets.
The analysts showed that the hackers used a zero-day vulnerability in the Chrome browser to carry out the attack.
Website appearance and the hidden exploit loader. Source: Kaspersky Lab
Berdnikov and Larin explained that the hackers used the fake game to trick their victims and direct them to a malicious website that injected malware called Manuscript into their computers.
Using Manuscript, the hackers were able to corrupt Chrome’s memory, allowing them to obtain users’ passwords, authentication tokens, and everything they needed to steal their unwitting victims’ crypto.
12 days to solve the problem
Kaspersky Lab analysts discovered what the Lazarus Group did in May. Berdnikov and Larin immediately reported the issue to Google so that the platform could fix the vulnerability.
However, Google was not prepared to tackle the zero-day vulnerability, and it took 12 days to fix it.
Boris Larin, a key security expert from Kaspersky Lab, said that the remarkable effort the hacker group invested in this campaign indicates that the group has an ambitious plan.
Larin noted that what the group has done could have a broader impact than previously thought.
The Lazarus Group reminds us that the fight against hackers continues. Chrome’s vulnerabilities highlighted the need for platforms to always ensure their security measures are up to date and be vigilant against cyber threats.