Gairika Mitra
Hold on to your wallets, crypto fans! The notorious North Korean Lazarus Group is back, and this time, theyāre gaming the systemā¦ literally! Kaspersky dropped the bombshell early this week, revealing that the Lazarus Group crafted a sneaky scheme using a fake blockchain tank game to plunder crypto wallets faster than you can say āblockchain.ā š¹ļøš°
š² Level 1: Exploiting Chromeās Kryptonite
Apparently, Lazarus found a flaw in Google Chrome (a āzero-dayā for the techies out there) and decided to roll it into a video game that only looked fun. This “game” (or, letās call it what it isāa malware smorgasbord) had one goal: hijack your crypto wallet! š± Imagine hopping onto a shiny new blockchain tank game, only to find out itās more āTank Your Portfolioā than āTanks for the Win.ā
šµļøāāļø Level 2: The Great Disguise (CVE-2024-4947)
So how did they pull it off? With Hollywood-level commitment, thatās how! Kasperskyās top-notch detectives, who presented their findings in Bali of all places (jealous!), say Lazarus dressed this malware trap up in a professional-looking website. It was the āNFT Tank Warsā youāve been waiting for! But instead of global domination in-game, you might have ended up with global domination of your devices by Lazarus. š¾š»
Plot twist: Lazarus used Chromeās V8 JavaScript engine as their way in, exploiting a vulnerability so fresh it even had a āCVEā code (CVE-2024-4947, for the record). Google patched it ASAP, but not before Lazarus got in some cheeky wallet grabs. š ļø
Related: Crypto Titans Bunker Down Now: Vitalik’s Austerity Vow, Binance $1B Bitcoin Shield
š© Level 3: Lazarus, the Influencer Wannabes
The North Korean group went full social media ninja with this one! First, they launched a fake site looking slick enough to lure unsuspecting crypto fans. They even got cozy with influencers and pumped the game on platforms like LinkedIn and X (formerly Twitter). Think they were AI-generated selfies, crypto jargon, and ātank battleā hashtags galore! š¤³š²
“Imagine scrolling your feed, just wanting to check the latest crypto memes,” said Kasperskyās Boris Larin, āand suddenly youāre downloading a game thatās out for blood (and by blood, I mean your wallet info).” š©øš
š„ Level 4: Tank Game, Trojan Horse-Style
The game Lazarus ādevelopedā wasnāt just a simple prankāit was a nearly perfect replica of a real blockchain game, complete with stolen source code! So, when you clicked on the innocent-looking ZIP file, not only were you registering for āTanks of Glory,ā but you were also installing a little surprise: malware. š¤Æ
In fact, the actual game creators got hacked back in March 2024, and Lazarus mustāve thought, āHey, why reinvent the wheel? Letās borrow their code!ā Talk about āreduce, reuse, recycle,ā but make it cybercrime edition. ā»ļøš»
Related: Privacy Confirmed: Advanced FHE Coming To All Shiba Inu Tokens
š¤ Level 5: Ultimate Social Engineering
Lazarus didnāt stop thereāthey used their newfound influencer skills to create social media hype that even a Kardashian would envy. They spent months generating fake posts and even recruited influencers (real or AI-generated, you decide š¤) to boost the gameās credibility. Larin, from Kaspersky, explained, āThe Lazarus crew didnāt just pull this off overnight. They were out there, engaging the community, hyping their ‘game,’ andāboomācapturing crypto.ā šš
šØ Boss Level: Validator Shellcode
In a final twist, the malware ran a little check on each device it infected, just to see if it was worth the trouble. High-profile crypto wallet? Jackpot. An ancient laptop with only free crypto samples? Hard pass. If you made the cut, the malwareās mission went to the next level, although what happened next is still unknown. šš
The End (or Is It? š)
So, while youāre busy looking up the next great blockchain game, remember: the āTank Warsā you’re playing might not be the only battle happening behind the screen! Be suspicious of crypto games offering big prizes and maybe think twice before you click on that shiny link… unless you want to ātankā your own wallet! ššø
Read More
- US Is Bent On Seizing Back $2.67M in Crypto Stolen by Lazarus Group
- Crypto Sleuth Exposes Circleās Hypocrisy in Lazarus Group Fund Freeze
- Crypto Trader Faces Accusations in North Korean Crypto Laundering Operation
GAIRIKA
Gairika is a cryptocurrency journalist with a focus on Bitcoin and blockchain technology.
