Free Video Downloader

Fast and free all in one video downloader

For Example: https://www.youtube.com/watch?v=OLCJYT5y8Bo

1

Copy shareable video URL

2

Paste it into the field

3

Click to download button


North Korean hackers exploited Chrome zero-day to steal crypto
September 3, 2024

North Korean hackers exploited Chrome zero-day to steal crypto

Reading Time: 2 minutes

A North Korean hacking group earlier in August exploited a previously unknown bug in Chrome to target organizations with the goal of stealing cryptocurrency, according to Microsoft.

In a report published on Friday, the tech giant’s cybersecurity researchers said they first saw evidence of the hackers’ activities on August 19, and said the hackers were affiliated with a group called Citrine Sleet, which is known to target the crypto industry

According to the report, the hackers exploited a flaw in a core engine within Chromium, the underlying code of Chrome and other popular browsers, like Microsoft’s Edge. When the hackers exploited the vulnerability, it was a zero-day, meaning the software maker — in this case, Google — was unaware of the bug and as such had zero time to issue a fix prior to its exploitation. Google patched the bug two days later on August 21, according to Microsoft. 

Microsoft said it has notified ‘targeted and compromised customers,’ but did not provide more information on who was targeted, nor how many targets and victims were targeted by this hacking campaign.

Researchers wrote that Citrine Sleet ‘is based in North Korea and primarily targets financial institutions, particularly organizations and individuals managing cryptocurrency, for financial gain,’ and the group ‘has conducted extensive reconnaissance of the cryptocurrency industry and individuals associated with it’ as part of its social engineering techniques. 

‘The threat actor creates fake websites masquerading as legitimate cryptocurrency trading platforms and uses them to distribute fake job applications or lure targets into downloading a weaponized cryptocurrency wallet or trading application based on legitimate applications,’ reads the report. ‘Citrine Sleet most commonly infects targets with the unique trojan malware it developed, AppleJeus, which collects information necessary to seize control of the targets’ cryptocurrency assets.’

The North Korean hackers’ attack started by tricking a victim into visiting a web domain under the hackers’ control. Then, because of another vulnerability in the Windows kernel, the hackers were able to install a rootkit — a type of malware that has deep access to the operating system — on the target’s computer, according to Microsoft’s report. 

At that point, it’s basically game over for the targeted victim’s data, as the hackers had gained complete control of the hacked computer. 

Crypto has been a juicy target for North Korean government hackers for years. A United Nations Security Council panel concluded that the regime stole $3 billion in crypto between 2017 and 2023. Given that the Kim Jong Un government is the target of strict international sanctions, the regime has turned to stealing crypto to fund its nuclear weapons program.

Reference: https://techcrunch.com/2024/08/30/north-korean-hackers-exploited-chrome-zero-day-to-steal-crypto/

Ref: techcrunch

MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG

Leave a Reply

Your email address will not be published. Required fields are marked *