Be careful! North Korean cybercrime group uses fake Chrome game to steal data

A new malicious campaign from hacker group Lazarus Using a fake game to exploit a zero-day flaw in Chrome and steal dataIt mainly targets cryptocurrency users. The action was discovered by researchers at Kaspersky, who announced the details last Wednesday (23).

To attract victims, North Korean cybercriminals created a fake version of DeFiTankLand, a decentralized finance (DeFi) game. DeTankZone. Anyone trying to download the title is faced with a discontinued product that doesn’t go beyond the home screen.

But according to the report, just visiting the download page is enough for a hidden script on the site to exploit a flaw in Google’s browser JavaScript engine V8. By approaching it, attackers can access various information stored in the program.

Saved passwords, browsing history, cookies and authentication tokens Here are some of the data that Lazarus members can access by exploiting the vulnerability in Chrome. As the cybersecurity company explains, the authors aim to steal cryptocurrencies with this information.

Security vulnerability fixed

Additionally, according to security experts, for months Lazarus created fake accounts on X and LinkedIn to promote the game and invited decentralized finance enthusiasts from around the world to visit the page. Cybercriminals have also used AI-generated images to increase credibility.

The attack likely began in February and was detected in May of this year, when researchers alerted Google to the browser flaw. In the same month, The Mountain View giant has released an update that fixes the issue.

To prevent the bug from being exploited, It is recommended to update Chrome to at least version 125.0.6422.60/61It already includes the fix.