North Korean hackers exploit Chrome zero-day vulnerability to attack cryptocurrency users
On August 31st, Microsoft cyber security researchers discovered a zero-day vulnerability in the Chromium engine that powers browsers such as Chrome. This vulnerability was exploited by a North Korean hacking group called Citrine Sleet to specifically target cryptocurrency users. Citrine Sleet uses rootkit malicious software called FudModule, which creates fake cryptocurrency trading platform websites to trick users into downloading malicious software or weaponized crypto wallets to gain remote code execution permissions and steal victims' crypto assets. This vulnerability was fixed on August 21st, and users need to update their browsers as soon as possible to ensure security. This is the third Chromium zero-day vulnerability to be exploited this year.