A recent report from Microsoft’s cybersecurity team has revealed that a group of North Korean hackers called “Citrine Sleet” exploited a vulnerability in Google Chrome to steal cryptocurrency. Microsoft discovered the attack on August 19. The hackers exploited a flaw in the Chromium engine, which powers Chrome and other browsers like Microsoft Edge.
This flaw is known as a “zero-day” because Google didn’t know about it before the hackers took advantage of it. Microsoft researchers explained that Citrine Sleet works like the well-known Lazarus Group. The group creates fake websites that look like real cryptocurrency trading sites to deceive people.
These fake sites trick users into downloading harmful software called “AppleJeus.” The software often poses as a job application or a cryptocurrency wallet. Once it’s installed, the hackers can take control of the victim’s device and steal their cryptocurrency.
Google acted quickly to fix the issue, releasing a patch on August 21, just two days after Microsoft alerted it. However, the full impact of the attack is still unknown. As the investigation continues, the number of people or organizations affected and the total amount of cryptocurrency stolen remain unclear.