Citrine Sleet has recently been discovered exploiting vulnerabilities in the Google Chrome browser to steal cryptocurrency. According to Microsoft, this group has used a zero-day vulnerability in Chrome to carry out its attacks. A zero-day vulnerability is a security flaw that hackers can exploit before developers become aware of it.
Microsoft revealed that it first detected North Korean hackers using this zero-day vulnerability to attempt cryptocurrency theft earlier this month. Google addressed the vulnerability within just two days, but it is still unclear how many users were affected by the attacks.
Citrine Sleet targets organizations and individuals involved in cryptocurrency, including financial institutions. This North Korea-based hacking group gathers and analyzes data related to the cryptocurrency industry to execute precise attacks. They use malware such as the Trojan horse variant AppleJeus and have been tracked under various aliases, including Miro Cheonlima, UNC4736, and Hidden Cobra.
According to the report, Citrine Sleet lures victims by creating fake websites that mimic legitimate cryptocurrency trading platforms. They also employ fraudulent job applications to trick victims into downloading cryptocurrency wallets or trading apps infected with malware. Once they access victims’ computers, they collect the information needed to steal cryptocurrency assets.
Microsoft’s analysis suggests that North Korean hackers have stolen substantial amounts of cryptocurrency using these methods. However, the exact amount of stolen funds has not yet been disclosed. The U.S. government believes that North Korean hacking groups are likely to continue targeting vulnerabilities in cryptocurrency technology companies, gaming companies, and exchanges to secure funding for their regime.
Blockchain research firm TRM Labs reports that approximately one-third of the global cryptocurrency theft incidents last year were attributed to North Korean hackers. The United Nations Security Council’s North Korea Sanctions Committee estimates that from 2017 to the present, North Korea has amassed around $3 billion through cyber theft, including cryptocurrency.
The international community views these cyber theft activities as a means for North Korea to secure funding for its nuclear weapons development amid stringent sanctions.