North Korean hackers exploit Chrome zero-day vulnerability to attack cryptocurrency users
Microsoft cyber security researchers have discovered a zero-day vulnerability in the Chromium engine that powers browsers such as Chrome. The vulnerability was exploited by a North Korean hacking group called Citrine Sleet to specifically target cryptocurrency users. Citrine Sleet uses rootkit malicious software called FudModule, which creates fake cryptocurrency exchange websites that trick users into downloading malicious software or weaponized crypto wallets to gain remote code execution permissions and steal victims' crypto assets. The vulnerability was fixed on August 21, and users need to update their browsers as soon as possible to ensure security.
This is the third Chromium zero-day exploit this year. Previously, Citrine Sleet also posed as an exchange employee, distributed files containing malicious code on Telegram, and targeted cryptocurrency investment startups. Users should be vigilant to avoid downloading unknown files or clicking on suspicious links.