Microsoft experts have found a vulnerability in the Chromium browser to steal cryptocurrencies
According to the company’s experts, it is being used by hackers from the DPRK
02.09.2024 - 12:51
102
2 min
0
What’s new? Microsoft experts have discovered a group of DPRK hackers exploiting a zero-day vulnerability in the open-source web browser Chromium to gain remote code execution (RCE) access. According to experts, the vulnerability, identified as CVE-2024-7971, targets the cryptocurrency sector.
What else is known? CVE-2024-7971 affects Chromium versions up to 128.0.6613.84 and is a Type Confusion Vulnerability in JavaScript and WebAssembly V8. It was discovered on August 19, and the Google team released a patch to fix it on August 21. To protect assets, Chromium users should make sure they are using the latest version.
Earlier this year, two similar vulnerabilities identified as CVE-2024-4947 and CVE-2024-5274 were already patched and discovered.
The group, which Microsoft identified as Citrine Sleet, is based in North Korea, is affiliated with the country’s government and targets organizations and individuals managing cryptocurrencies. Through social engineering methods, Citrine Sleet has conducted extensive reconnaissance of the crypto industry and associated individuals.
Attackers create fake websites disguised as legitimate crypto trading platforms and use them to distribute fake offers or invitations to download malware. Citrine Sleet most commonly uses its own AppleJeus trojan, which collects information needed to seize control of victims’ crypto assets.
Developers have revealed a new method for hacking hardware bitcoin wallets
With its help, an attacker can get the full seed phrase for a victim’s wallet from two of its blockchain transactions
Earlier, cybersecurity solutions provider Check Point discovered freely distributed Styx Stealer malware to steal data and cryptocurrencies using a clipping mechanism.
Useful material?
Market
The company’s unrealized profits from investing in its first cryptocurrency approached $14 billion
Nov 19, 2024
Incidents
The search, the reason for which was not announced, took place a week after the election, the results of which Polymarket users predicted quite accurately
Nov 14, 2024
Market
Analysts point to the growing popularity of the first cryptocurrency as a safe haven asset
Nov 13, 2024
Market
The product will begin trading on the Swiss Exchange on November 19
Nov 12, 2024
Market
The company’s unrealized profits from investing in the first cryptocurrency approached $13 billion
Nov 12, 2024
Market
The company predicts that the rate of the first cryptocurrency will grow to $200 000 by the end of next year
Nov 11, 2024