Lazarus Group Launches Blockchain Game That Allows You to Exploit Chrome and Steal Cryptocurrencies

A cybersecurity firm reported yesterday that a group of notorious North Korean hackers managed to steal $3 billion worth of cryptocurrency from users by creating a bogus blockchain game. – Kaspersky Lab said that the Lazarus Group exploited a key vulnerability in the Google Chrome browser that allowed it to empty the cryptocurrency wallets of its victims.

Lazarus Group: $3 Billion Crypto Heist

It was reported that North Korean hackers used this bogus game to steal over $3 billion worth of cryptocurrency – an operation that the group successfully carried out over a six-year period, from 2016 to 2022.

The attack is a consequence of Google’s failure to patch the vulnerability in the Chrome browser.

Meanwhile, a blockchain detective conducting a separate investigation stated that Lazarz Group carried out 25 hacking attacks, as a result of which cryptocurrencies worth $200 million were laundered.

The existence of a network of developers in North Korea that works for “established” cryptocurrency projects has also been discovered. The network allegedly receives a monthly payment of $500,000.

The total market capitalization of cryptocurrencies is currently $2.2 trillion. Chart: TradingView

Questionable game plan

Vasily Berdnikov and Boris Larin, Kaspersky Labs analysts, said that the Lazarus Group created a bogus game called DeTankZone or DeTankWar that relies on Non-Fungible Tokens (NFTs) to siphon off its victims’ crypto wallets.

Analysts revealed that hackers took advantage of zero day vulnerability in Chrome browser in his unscrupulous act.

Website appearance and the hidden exploit loader. Source: Kaspersky Lab

Berdnikov and Larin explained that the hackers used a bogus game to convince their victims and directed them to a malicious website that injected malware called Manuscript into their computers.

Using Manuscript, hackers managed to corrupt Chrome’s memory, allowing them to obtain user passwords, authentication tokens, and everything else they needed to steal cryptocurrencies from unsuspecting victims.

12 days to solve the problem

Kaspersky Lab analysts discovered what the Lazarus Group was doing in May. Berdnikov and Larin immediately reported the issue to Google so that the platform could fix the vulnerability.

However, Google was not prepared to address the zero-day vulnerability and did so 12 days to fix the loophole.

Boris Larin, chief security expert at Kaspersky Lab, said that the significant effort put into the hacking campaign by the hacker group indicates that the group has an ambitious plan.

Larin noted that what the group did could have a broader impact than previously thought.

The Lazarus Group reminds that the fight against hackers continues. The Chrome vulnerabilities highlight the need for platforms to always keep their security measures up-to-date and be alert to cybersecurity threats.

Featured image from Le Parisien, chart from TradingView