- A well-known North Korean hacking group has a new trick
- Hackers exploited a flaw in Google Chrome
- They are trying to rob users with the help of a fake game
The Google Chrome web browser has a problem. It was targeted by a North Korean hacking group Lazarus Group and took advantage of his mistake CVE-2024-4947. Thanks to it, hackers can tamper with his memory and overwrite it. Anyone who accidentally downloads their software will de facto hand over cookies, passwords, browser history and other information to them.
At the same time, hackers are luring users to an alleged NFT game with the name DeTankZonefor which they also created an “official” page. Many users are certainly familiar with the game DeFiTankLand, and attackers try to imitate it to lure people into clicking the download button. Of course, they won’t get the game, but it will run a script that just exploits the hole in Google Chrome.
How hackers stole up to $14m from ATMs – The Lazarus Heist Season 2, Ep1 – BBC World Service podcast
At the same time, the goal of the attackers is generally known – for a long time they have been focusing on financial institutions as well as ordinary users, and they mainly specialize in cryptocurrencies. According to experts from the international company Kaspersky, which specializes in cyber security, these hackers are behind some of the most serious cryptocurrency online attacks from recent times. And even the FBI is interested in them.
It was Kaspersky that informed about their latest trick in May. Even Google has already responded to it, issuing a fix. But not all Google Chrome users download updates regularly. If they don’t have the one with the code designation 125.0.6422.60/.61 or higher, they can still be easily targeted by these fillets.
Have you personally encountered any attempted hacker attack?
Source: Pixabay, Hackread, TheHackerNews
Source: www.svetandroida.cz
