- North Korean hackers exploited previously unknown bug.
- Software maker Google patched bug two days later.
- Report cites hacker group Citrine Sleet in attack.

North Korean hackers exploited a previously unknown bug in Chrome-based browsers on August 19 with the intent of stealing crypto, according to a report from Microsoft, which added that software maker Google patched the bug on August 21.
“We assess with high confidence that the observed exploitation … can be attributed to a North Korean threat actor targeting the cryptocurrency sector for financial gain,” the report said.
It added that the hackers were affiliated with a group called Citrine Sleet, which is known for exploiting the crypto industry. Citrine Sleet has been linked to Bureau 121 of North Korea’s Reconnaissance General Bureau.
A recent report by the UN Security Council said that in 58 suspected cyberheists, North Korean hackers have stolen $3 billion worth of crypto assets in the last seven years, DL News reported.
The US government has assessed that North Korean hackers will continue targeting vulnerabilities in crypto firms, gaming companies, and exchanges to generate and launder funds.
Citrine Sleet primarily targets financial institutions, particularly those managing crypto. It often infects targets with a unique trojan malware it has developed, AppleJeus, which collects information necessary to seize control of the targets’ crypto assets.
Microsoft said it had notified targeted or compromised customers and provided them with information to help secure their environments, but offered no further details on the identity or number of potential victims.