Hackers from the North Korean Lazarus Group created NFT -game to gain access to the crypto wallet data of Google Chrome browser users. This was reported by cybersecurity analysts Vasily Berdnikov and Boris Larin from Kaspersky Labs.
They said they discovered the malicious game in May 2024 and reported it to Google developers, who fixed the issue.
The hacker-created game, called DeTankZone or DeTankWar, was a fully functional online multiplayer game with the ability to earn money using tanks in the form of NFT . Players could compete against each other in real online competitions.
Berdnikov and Larin said Lazarus stole the source code of another legitimate game and actively promoted the pirated version on social media. The fake game had its own website with promotional images created using artificial intelligence.
Screenshot of the game by Lazarus Group
Once gamers clicked on a link to a malicious website, the Manuscrypt malware was implanted on their device. It exploited a vulnerability in the Google Chrome browser to gain access to cookies, authentication tokens, saved passwords, and browsing history. All of this was needed by hackers to steal users' funds.
The significant effort put into this campaign suggests that Lazarus had ambitious plans, and the real impact could be much larger, potentially affecting users and companies around the world, said Boris Larin.
It is not known how much the victims of the latest Lazarus Group exploit lost, but the hacker group, created back in 2009, is accused of stealing $3 billion from 2018 to 2023.
