The North Korean Lazarus hacking group has leveraged a Google Chrome zero-day vulnerability, identified as CVE-2024-4947, as part of a highly targeted campaign aimed at individuals in the cryptocurrency space. This exploitation was delivered through a fake decentralized finance (DeFi) game, designed to lure victims and compromise their systems. In one notable instance, the attackers targeted the personal computer of an unnamed Russian national, deploying the Manuscrypt backdoor to establish long-term access and facilitate further malicious activities.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox