Who:
Threat Actor: Lazarus Group, a North Korean state-sponsored hacking group.
Target: Cryptocurrency sector, including individuals and organizations.
What:
Vulnerability Exploited: CVE-2024-4947, a zero-day flaw in Google Chrome's V8 JavaScript engine (patched in May 2024).
Attack Chain:
Malicious website disguised as a blockchain-based game (DeFiTankWar) used to trigger the Chrome vulnerability.
Exploit gives attackers control over infected devices, enabling them to steal information and deploy further malware.
Social engineering via X (formerly Twitter) and LinkedIn to lure victims into downloading the malware-laden game.
Impact:
Control Over Devices: Successful exploitation allows attackers to fully control victim systems, potentially leading to major data breaches and financial losses.
Social Engineering: Lazarus leverages elaborate social media campaigns and stolen game code to trick high-value cryptocurrency targets.
Broader Threat: The group's evolving tactics, including the use of generative AI and sophisticated social engineering, signal ongoing danger to financial and digital sectors.