More

    Crypto Hack Exposed: How Lazarus APT Is Using DeFi Games to Steal Your Crypto!

    The post Crypto Hack Exposed: How Lazarus APT Is Using DeFi Games to Steal Your Crypto! appeared first on Coinpedia Fintech News

    Lazarus APT, especially its subgroup BlueNoroff, is attributed to the professional hack attacks on the financial sector, especially those related to cryptocurrencies. This North Korean-linked cyber group has conducted numerous attacks of high profile targeting organizations and businesses, and using sophisticated malware and exploits. 

    Three of its tools, namely Manuscrypt, Cutwail, and Turk, have made it possible for over 50 successful campaigns to take place effectively since the year 2013.

    Recent Attack Campaign: An Analysis of the Detankzone Exploit

    Cybersecurity analysts with Kaspersky in May 2024 pinpointed a Manuscrypt in a Russian system that originated from detankzone[.]com. Though rationalizing itself as a genuine DeFi NFT game, this site was hiding a zero-day Chrome vulnerability. 

    The exploit was implanted into a weakness in the V8 JavaScript engine that allows the attackers to take full control of the victim’s computer the moment they visit the site. When Kaspersky reported the case, Google immediately dealt with this critical bug and closed all related fake web pages.

    Social Engineering Tactics: Social Media Identity Cloning

    Adding to this, Lazarus utilized social engineering and opened fake LinkedIn and X (previously Twitter) accounts to endorse a fake game called “DeTankZone.” DeFiTankLand was another real game whose source was used to release a faithful copy of a game demo, trusting which users downloaded malware. 

    This blended approach emphasizes Lazarus’ flexibility in switching between technical and social approaches to overcome crypto space defenses.

    Also Read :   Hackers Steal $20 Million from US Government’s Crypto Wallet   ,

    A New & Evolving Danger to Crypto Investors

    What is crucial for understanding this campaign is that Lazarus is still capable of evading such cutting-edge security protections using zero-day vulnerabilities along with social engineering approaches. 

    The event remains relevant to emphasize on the stock and alertness, updates of the applications, and the cautious tendency of the clients, who are involved in cryptocurrency investments, as the threat actors do not stop evolving and improving techniques of attacks.

    Related articles

    Paul Grewal Defends Coinbase In $1B Lawsuit Over wBTC Delisting

    The post Paul Grewal Defends Coinbase In $1B Lawsuit Over wBTC Delisting appeared first on Coinpedia Fintech News Recently, Bit Global had filed a lawsuit against Coinbase Global Inc claiming that Coinbase unlawfully delisted its...

    BlackRock Delays XRP ETF Plans, RLUSD Approval Sparks New Speculations

    The post BlackRock Delays XRP ETF Plans, RLUSD Approval Sparks New Speculations appeared first on Coinpedia Fintech News Recent developments like XRP ETF filings, the announcement of a new SEC Chair, and the news of...

    Solana to $500? VanEck’s Bold Price Prediction for SOL

    The post Solana to $500? VanEck’s Bold Price Prediction for SOL appeared first on Coinpedia Fintech News Amid the ongoing consolidation in the cryptocurrency landscape, asset management giant VanEck has made a bold prediction for...

    Forex News in Real-Time: Your Comprehensive Guide to Mastering the Currency Market

    The forex market, the largest and most liquid market globally, is influenced by a dynamic mix of economic, political, and social factors. Staying updated with real-time forex news is critical for making informed decisions...

    XRP Price on the Brink of $3: Is a Major Breakout Imminent?

    The post XRP Price on the Brink of $3: Is a Major Breakout Imminent? appeared first on Coinpedia Fintech News Recently, XRP has been in the spotlight with its price jumping over 5% to $2.46,...

    Latest articles

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here