The Notorious Lazarus Hacker Group Resurfaces In 2024 With A Fake NFT Game

The Lazarus Group, a infamous hacker group made up of an unknown variety of people alleged to be run by the North Korean authorities, has resurfaced after a number of months of silence. In its current incident, the hacker group used a pretend, non-fungible token-based recreation on Google’s web browser (Chrome) and put in spy ware that stole crypto and NFT pockets credentials.

Lazarus Crypto Hacker Group Resurfaces On-line

In an October 24 weblog publish, Cointelegraph.com, a famend crypto media platform, confirmed that the Lazarus hacker group has resurfaced on-line after shifting underwaters for a number of months. The Lazarus hacker group began by launching a pretend non-fungible token recreation on Chrome and putting in spy ware that stole confidential info from crypto customers within the pretend recreation.

The #NorthKorean #Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 by means of a pretend decentralized finance (DeFi) recreation focusing on people within the cryptocurrency house. #Hacking #cybersecurity https://t.co/wMBJUipAq4

— Nameless🐾🐈‍⬛ (@YourAnonRiots) October 23, 2024

Lazarus Group is a North Korean state-sponsored cyber menace group linked to the North Korean Reconnaissance Common Bureau (RGB). The North Korean Intelligence Company (NKRGB) was created to spy, conduct covert operations, and have interaction in cyber espionage. Since its inception, the RGB has been spending a lot of its time and a spotlight gathering information and trying to infiltrate crypto funds from South Korea, the USA, and Japan.

The Lazarus Group got here into the highlight in 2021 after Sky Mavis, the developer of the favored blockchain-based online game Axie Infinity, suffered a breach that induced the lack of a whole lot of tens of millions of {dollars} in property. After an intensive investigation, the FBI formally attributed the assault to the Lazarus Group. North Korean hackers have a historical past of crypto heists, having stolen over $3 billion as of December 2023.

Lazarus Hacker Group Strike Once more In 2024

Based mostly on the Cointelegraph report, Kaspersky Labs analysts observed the exploit in Might and reported it to Google, which fastened it a number of days later. The hackers launched a play-to-earn multiplayer on-line battle area recreation and promoted it on LinkedIn and X. The sport duped DeTankZone utilizing non-fungible tokens as tanks in a worldwide competitors. The pretend NFT recreation was revealed and flagged by the Microsoft Safety Workforce in February 2024.

Screenshot from Lazarus Group’s pretend recreation. Supply: SecureList

The Northern Korean hackers had eliminated the exploit from the web site earlier than Kaspersky may analyze it. The Kaspersky Labs knowledgeable Google of it anyway, and Google fastened the vulnerability in Chrome earlier than the hackers may use it once more. Within the meantime, the variety of victims affected by this breach remains to be unknown. Customers who beforehand interacted with the sport are suggested to reset all their passwords.

Associated NFT Information:

Most Searched Crypto Launch – Pepe Unchained

Layer 2 Meme Coin Ecosystem
Featured in Cointelegraph
SolidProof & Coinsult Audited
Staking Rewards – pepeunchained.com
$10+ Million Raised at ICO – Ends Quickly