
North Korean hackers target crypto institutions via Chromium browser

Main Points Related to Bitcoin, Web3, Ethereum, and Cryptocurrency:

  • North Korean hackers known as Citrine Sleet exploited a zero-day vulnerability in the Chromium browser to steal digital assets from crypto financial institutions.
  • The hackers deployed malware such as the AppleJeus trojan to siphon off crypto funds.
  • Google released a patch to address the vulnerability two days after the attack.
  • The hackers also used a rootkit called ‘FudModule’ to manipulate Windows security measures.
  • A sophisticated North Korean scheme involving IT workers posing as crypto developers resulted in a $1.3 million theft from a project’s treasury.
  • The crypto sector faces increased risks from cyber attacks, and Microsoft advised users to update their systems promptly.

North Korean Hackers Target Crypto Financial Institutions

North Korean hackers, known as Citrine Sleet, exploited a severe zero-day vulnerability in the Chromium browser to target financial institutions and steal digital assets from crypto entities. By creating fake crypto trading platforms, the hackers tricked victims into downloading malicious software like the AppleJeus trojan, which allowed them to siphon off crypto funds. Microsoft identified the attack on August 19, linking it to efforts targeting the crypto industry. The vulnerability, tracked as CVE-2024-7971, was a type confusion flaw in Chromium’s V8 JavaScript engine, enabling attackers to achieve remote code execution and gain control over infected systems.

Hackers Deploy Malware and Share Tools

In addition to exploiting CVE-2024-7971, the hackers deployed the ‘FudModule’ rootkit, which is designed to manipulate Windows security measures. This rootkit was previously associated with Diamond Sleet, indicating that advanced tools are shared among various North Korean threat actors. Microsoft reported that Diamond Sleet had been observed using FudModule since October 2021, suggesting a link between the two groups in utilizing similar tools. Separately, a sophisticated North Korean scheme uncovered by cybersecurity expert ZachXBT involved IT workers posing as crypto developers and resulted in a $1.3 million theft from a project’s treasury.

Crypto Sector Faces Increased Risks

The crypto sector, already a common target for cyber attacks, faces heightened risks as threat actors exploit vulnerabilities in widely used software. Microsoft recommended that users and organizations update their systems promptly, use secure and updated web browsers, and enable advanced security features like Microsoft Defender to protect against such threats. It is crucial for individuals and entities in the crypto space to remain vigilant and implement robust cybersecurity measures to safeguard digital assets against ongoing threats.
