The infamous Lazarus hacker group is back in 2024 with fake NFT games.

The Lazarus Group, a notorious hacker group comprised of an unknown number of individuals believed to be run by the North Korean government, has resurfaced after months of silence. In a recent incident, a group of hackers used fake non-fungible token-based games on Google’s Internet browser (Chrome) and installed spyware that stole cryptocurrency and NFT wallet credentials.

Lazarus Crypto Hacker Group Comes Back Online

Cointelegraph.com, a popular cryptocurrency media platform, confirmed in a blog post on October 24 that the Lazarus hacker group has reemerged online after months of being underwater. The Lazarus hacker group started by launching fake non-fungible token games in Chrome and installing spyware that stole cryptocurrency users’ confidential information in the fake games.

that #North Korea #the poor The hacking group exploited a Google Chrome zero-day, tracked as CVE-2024-4947, through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. #hacking #cybersecurity https://t.co/wMBJUipAq4

— Anonymous🐾🐈‍⬛ (@YourAnonRiots) October 23, 2024

The Lazarus Group is a North Korean government-sponsored cyber threat group linked to the North Korean Reconnaissance General Bureau (RGB). The North Korean Intelligence Bureau (NKRGB) was created to engage in reconnaissance, conduct covert operations, and engage in cyber espionage. Since its founding, RGB has devoted a lot of time and attention to collecting data and attempting to infiltrate cryptocurrency funds in Korea, the United States, and Japan.

Lazarus Group was thrust into the spotlight in 2021 when Sky Mavis, developer of the popular blockchain-based video game Axie Infinity, suffered a breach that resulted in hundreds of millions of dollars in asset losses. After a thorough investigation, the FBI officially attributed the attack to the Lazarus Group. North Korean hackers have a history of cryptocurrency heist, having stolen more than $3 billion as of December 2023.

The Lazarus hacker group struck again in 2024.

According to a Cointelegraph report, Kaspersky Lab analysts discovered the vulnerability in May and reported it to Google, which fixed it a few days later. The hackers launched a play-to-profit multiplayer online battle arena game and promoted it on LinkedIn and X. The game spoofed DeTankZone by using non-fungible tokens as tanks in competitions around the world. The fake NFT game was revealed and reported by Microsoft’s security team in February 2024.

Screenshot of Lazarus Group’s fake game. Source: SecureList

North Korean hackers removed the exploit from the website before Kaspersky could analyze it. Kaspersky Labs notified Google anyway, and Google fixed the vulnerability in Chrome before hackers could use it again. Meanwhile, the number of victims affected by this breach is not yet known. We recommend that users who have previously interacted with the game reset all passwords.

Related NFT News:

Most searched cryptocurrency launch – Pepe Unchained

• Layer 2 Meme Coin Ecosystem
• Cointelegraph Special
• Thanks to SolidProof and Coinsult
• Staking Rewards – pepeunchained.com
• Over $10 Million Raised in ICO – Ending Soon