Fraudulent DeFi game leveraged in new crypto investor-targeted Lazarus attack
North Korean hacking collective Lazarus Group has sought to exfiltrate cryptocurrency investors’ assets in attacks involving a phony decentralized finance game that exploited the now-addressed Google Chrome zero-day type confusion flaw, tracked as CVE-2024-4947, according to BleepingComputer.
Identification of a Manuscrypt backdoor malware compromise in May prompted the discovery of early exploitation of the Chrome vulnerability through the “detankzone[.]com” website for DeTankZone, a fake NFT-based multiplayer online battle arena game. The game contains source code stolen from the DeFiTankLand game and was advertised by Lazarus across social media platforms, LinkedIn accounts, and spear-phishing emails, a report from Kaspersky revealed….