Bitcoin
Bitcoin (BTC)
$98,213.00 5.6557
Bitcoin price
Ethereum
Ethereum (ETH)
$3,138.26 1.52998
Ethereum price
BNB
BNB (BNB)
$610.74 -0.06571
BNB price
Solana
Solana (SOL)
$242.12 2.88076
Solana price
XRP
XRP (XRP)
$1.12 -0.37798
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.000024 -0.71274
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000191 -2.9433
Pepe price
Bonk
Bonk (BONK)
$0.0000509 -4.83123
Bonk price
dogwifhat
dogwifhat (WIF)
$3.08 -5.7131
dogwifhat price
Popcat
Popcat (POPCAT)
$1.51 -8.95151
Popcat price
Bitcoin
Bitcoin (BTC)
$98,213.00 5.6557
Bitcoin price
Ethereum
Ethereum (ETH)
$3,138.26 1.52998
Ethereum price
BNB
BNB (BNB)
$610.74 -0.06571
BNB price
Solana
Solana (SOL)
$242.12 2.88076
Solana price
XRP
XRP (XRP)
$1.12 -0.37798
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.000024 -0.71274
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000191 -2.9433
Pepe price
Bonk
Bonk (BONK)
$0.0000509 -4.83123
Bonk price
dogwifhat
dogwifhat (WIF)
$3.08 -5.7131
dogwifhat price
Popcat
Popcat (POPCAT)
$1.51 -8.95151
Popcat price
Bitcoin
Bitcoin (BTC)
$98,213.00 5.6557
Bitcoin price
Ethereum
Ethereum (ETH)
$3,138.26 1.52998
Ethereum price
BNB
BNB (BNB)
$610.74 -0.06571
BNB price
Solana
Solana (SOL)
$242.12 2.88076
Solana price
XRP
XRP (XRP)
$1.12 -0.37798
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.000024 -0.71274
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000191 -2.9433
Pepe price
Bonk
Bonk (BONK)
$0.0000509 -4.83123
Bonk price
dogwifhat
dogwifhat (WIF)
$3.08 -5.7131
dogwifhat price
Popcat
Popcat (POPCAT)
$1.51 -8.95151
Popcat price
Bitcoin
Bitcoin (BTC)
$98,213.00 5.6557
Bitcoin price
Ethereum
Ethereum (ETH)
$3,138.26 1.52998
Ethereum price
BNB
BNB (BNB)
$610.74 -0.06571
BNB price
Solana
Solana (SOL)
$242.12 2.88076
Solana price
XRP
XRP (XRP)
$1.12 -0.37798
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.000024 -0.71274
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000191 -2.9433
Pepe price
Bonk
Bonk (BONK)
$0.0000509 -4.83123
Bonk price
dogwifhat
dogwifhat (WIF)
$3.08 -5.7131
dogwifhat price
Popcat
Popcat (POPCAT)
$1.51 -8.95151
Popcat price

North Korean hackers target crypto institutions via Chromium browser

north-korean-hackers-target-crypto-institutions-via-chromium-browser
Edited by
News
North Korean hackers target crypto institutions via Chromium browser

North Korean hackers, known as Citrine Sleet, have exploited a severe zero-day vulnerability in the Chromium browser to attack crypto financial institutions.

Citrine Sleet targeted financial institutions and crypto entities to steal digital assets. By creating fake crypto trading platforms, the North Korean hackers tricked victims into downloading malicious software, such as the AppleJeus trojan, which siphons off crypto funds, according to Microsoft.

This flaw allowed attackers to execute remote code, giving them control over infected systems. Microsoft identified the attack on August 19, and it has been linked to efforts targeting the crypto industry. 

The vulnerability, tracked as CVE-2024-7971, was a type of confusion flaw in Chromium’s V8 JavaScript engine, permitting attackers to bypass browser security and execute code within the browser’s sandbox, according to Microsoft.

In other words, the Chromium browser, which is the foundation for browsers like Google Chrome and Microsoft Edge, had a severe zero-day vulnerability. This means hackers discovered a serious flaw in Chromium before its own developers did. Hackers could use this flaw for malicious intentions — especially against crypto financial institutions.

Google addressed this vulnerability two days after the attack with a patch released on August 21.

Other malware

Alongside CVE-2024-7971, the hackers deployed malware titled ‘FudModule’ rootkit, which was designed to manipulate Windows’s security measures, according to Microsoft.

This rootkit was previously associated with Diamond Sleet, another North Korean group, suggesting that the same advanced tools are being shared among various North Korean threat actors.

Microsoft stated that Diamond Sleet had been observed using FudModule since October 2021.

Other North Korean hacks 

On August 15, Cybersecurity expert ZachXBT uncovered a sophisticated North Korean scheme involving IT workers posing as crypto developers. This operation resulted in a $1.3 million theft from a project’s treasury and revealed over 25 compromised crypto projects. 

The stolen funds were laundered through multiple transactions, including bridging from Solana to Ethereum and depositing into Tornado Cash. Investigations connected these activities to a network of 21 developers and traced funds back to North Korean IT workers.

Crypto hacks

The crypto sector, already a frequent target of cyber attacks, faces increased risks as these sophisticated threat actors exploit vulnerabilities in widely used software. Microsoft advised users and organizations to update their systems promptly, use secure and updated web browsers, and enable advanced security features like Microsoft Defender to safeguard against such threats.