Kaspersky unveils a sophisticated cyberattack targeting cryptocurrency owners
Cybersecurity company Kaspersky announced today that it has uncovered a sophisticated malicious campaign by the Lazarus hacker group, targeting owners of cryptocurrency accounts with Advanced Persistent Threats (APTs).
Hackers exploited vulnerabilities in Google’s Chrome browser to steal cryptocurrencies from owners, using a fake game website that exploited a „zero-day vulnerability“, a problem that even the manufacturer did not notice and therefore did not have time to fix.
Lazarus managed to install spyware in Chrome and steal credentials, including usernames and passwords for cryptocurrency wallets.
Attackers exploited this vulnerability through a meticulously designed fake game website that invited users to compete globally with NFT tokens.
Further analysis revealed a sophisticated malicious campaign that relied heavily on social engineering techniques and generative artificial intelligence (AI).
They focused on building trust to maximize the effectiveness of the campaign, designing details to make promotional activities appear as authentic as possible.
Attackers also created accounts on social media platforms such as Twitter and Linkedin to promote the fake game, using images generated by AI.
Additionally, attackers also tried to engage influencers in the cryptocurrency field to further promote the game.
Earlier, the American FBI accused the Lazarus group, allegedly backed by hackers from North Korea, of stealing $41 million in cryptocurrencies from Stake.com online casino.
In May 2024, Kaspersky experts identified an attack using the Manuscript malware used by the Lazarus group since 2013, discovered in more than 50 unique campaigns targeting various industries. Further analysis revealed a sophisticated malicious campaign that relied heavily on social engineering techniques and generative artificial intelligence to target cryptocurrency investors.
Install our iOS or android app – 24hours News Worth Following Follow us on social media
