North Korean Hackers Steal $3 Billion in Crypto Through Fake Game

By Jakub Lazurek

25 Oct 2024

North Korea's Lazarus Group stole $3 billion in cryptocurrency by exploiting a Chrome vulnerability through a fake blockchain game, cybersecurity experts reveal.

A cybersecurity firm has revealed that North Korean hackers, known as the Lazarus Group, managed to steal $3 billion in cryptocurrency by creating a fake blockchain game. Kaspersky Lab reported that the group exploited a vulnerability in the Google Chrome browser to drain users' crypto wallets, leading to significant financial losses.

The Lazarus Group was able to carry out this $3 billion crypto theft between 2016 and 2022. The heist occurred due to Google’s delay in fixing a critical security flaw in its Chrome browser, which the hackers used to their advantage. Investigations also uncovered that the group executed 25 separate hacking operations, laundering $200 million in cryptocurrency. Furthermore, a network of North Korean developers reportedly working for well-known crypto projects was identified, earning $500,000 per month.

The Lazarus Group used a fake game called DeTankZone or DeTankWar involving NFTs to trick victims. According to analysts Vasily Berdnikov and Boris Larin from Kaspersky, the hackers directed users to a malicious website that infected their devices with Manuscript malware. This malware allowed them to access passwords, authentication tokens, and sensitive information stored in Chrome’s memory, enabling them to steal crypto funds.

The Kaspersky team discovered the hackers' tactics in May and alerted Google, but it took 12 days for Google to address the zero-day vulnerability. During this period, the Lazarus Group continued to exploit the flaw, causing further damage.

Boris Larin, a principal security expert, pointed out that the scale of the hacking campaign suggests Lazarus Group’s broader ambitions. He emphasized that this case highlights the need for platforms like Chrome to stay vigilant and ensure their security systems are updated to protect users from such threats.

The Lazarus Group’s activities serve as a stark reminder that cybersecurity risks remain ongoing, and companies must stay alert to protect users against sophisticated hacking campaigns.
