Lazarus APT steals cryptocurrency and user data via a decoy MOBA game
Oct. 23, 2024, 1:19 p.m.
Description
Lazarus APT launched a sophisticated attack campaign using a decoy MOBA game website to exploit a zero-day vulnerability in Google Chrome. The exploit allowed remote code execution and bypassed the V8 sandbox. The attackers used social engineering tactics on social media to promote the fake game, which was actually stolen from legitimate developers. The campaign aimed to steal cryptocurrency and user data. Lazarus demonstrated advanced techniques, including using generative AI for content creation and exploiting newly introduced browser features. The attack highlights the ongoing threat to the cryptocurrency industry and the need for enhanced security measures against evolving APT tactics.
Date
Published: Oct. 23, 2024, 11:07 a.m.
Created: Oct. 23, 2024, 11:07 a.m.
Modified: Oct. 23, 2024, 1:19 p.m.
Indicators
59a37d7d2bf4cffe31407edd286a811d9600b68fe757829e30da4394ab65a4cc
7353ab9670133468081305bd442f7691cf2f2c1136f09d9508400546c417833a
Attack Patterns
Manuscrypt
Lazarus
T1608.004
T1588.001
T1583.001
T1588.004
T1608.001
T1588.002
T1211
T1204.001
T1566
T1190
T1068
T1059
CVE-2024-4947
Additional Information
Technology
Finance