- Microsoft identified a North Korean hacking group exploiting a zero-day Chromium vulnerability to target cryptocurrency users.
- The threat actor, known as Citrine Sleet, uses sophisticated malware to gain control of victims’ digital assets.
- Microsoft has urged users to update their software immediately, highlighting the urgency of the situation.
Microsoft, the world tech leader, has recently threatened a North Korean hacker group that is exploiting a zero-day vulnerability in Google’s Chromium browser. This vulnerability, known as CVE-2024-7971, has been used by the hackers to hack into the details of normal users, where they can steal digital currency. Microsoft refers to the attributed threat actor as Citrine Sleet, who has been gathering intelligence on the crypto sector, emphasizing the organizations and individuals that operate with crypto assets.
Read CRYPTONEWSLAND on
google news
The Approach Used by Citrine Sleet Attack
In its latest blog post, Microsoft said that users should be on the lookout because Citrine Sleet uses social engineering and other techniques to persuade users to install harmful applications. The Asset Management Group constructs dummy virtual domains imitating real cryptocurrency exchanges and then hijacks users by offering them applications posing as a cryptocurrency exchange or offering fake job opportunities. Once installed, the malware, AppleJeus, collects the information needed to gain control of the target’s digital assets.
The Exploited Chromium Vulnerability
On August 19, 2024, Microsoft identified the exploitation of the CVE-2024-7971 vulnerability by Citrine Sleet. This type of confusion vulnerability in the V8 JavaScript engine of Chromium allowed the hackers to execute code within the sandboxed renderer process, leading to system compromise. Microsoft has also linked this activity to another North Korean threat actor, Diamond Sleet, which shares tools and infrastructure with Citrine Sleet.
Following the discovery, Google released a patch for the vulnerability on August 21, 2024. Microsoft has urged all users to implement the fix immediately to prevent further exploitation. The company has also directly notified targeted or compromised customers, providing them with crucial information to secure their systems.
Microsoft’s Response and Recommendations
Following the discovery, Google released a patch for the vulnerability on August 21, 2024. Microsoft has urged all users to implement the fix immediately to prevent further exploitation. The company has also directly notified targeted or compromised customers, providing them with crucial information to secure their systems.
Crypto News Land, also abbreviated as “CNL”, is an independent media entity – we are not affiliated with any company in the blockchain and cryptocurrency industry. We aim to provide fresh and relevant content that will help build up the crypto space since we believe in its potential to impact the world for the better. All of our news sources are credible and accurate as we know it, although we do not make any warranty as to the validity of their statements as well as their motive behind it. While we make sure to double-check the veracity of information from our sources, we do not make any assurances as to the timeliness and completeness of any information in our website as provided by our sources. Moreover, we disclaim any information on our website as investment or financial advice. We encourage all visitors to do your own research and consult with an expert in the relevant subject before making any investment or trading decision.
