CryptoInfoNet

Cryptocurrency News

Fake NFT Game Used by North Korean Hackers to Infect PCs and Steal Crypto

5 hours ago CryptoInfoNet
North Korean Hackers Used A Fake Nft Game To Infect Pcs, Steal Crypto

North Korean hackers in the Lazarus group have infected PCs with “Manuscrypt” malware via a malicious website that uses the Chrome browser to promote a supposed “play and earn” NFT game, according to a report from Russian cybersecurity firm Kaspersky.

The attacks used a zero-day Chrome exploit to conduct remote code execution (RCE), infecting the victim’s device when the website loaded. The researchers who discovered the exploit in May told Google that only a “limited number” of attacks were actually conducted, including a person’s computer in Russia. Google then released a fix for the type confusion bug enabling the attacks.

The fake game, called DeTankZone, promised to let players drive NFT tanks to battle others and earn “rewards,” presumably cryptocurrency or other NFTs. But the game was a front for the malicious attack, which had the RCE attack stored in one of the website’s index.tsx files, according to the report.

The hackers even went as far as creating multiple fake X accounts to promote their game under handles including @collectspin and @DeTankZone. The “CollectSpin” X account remains visible at time of writing, but it hasn’t posted since April.

The latter account had over 6,000 followers and over 5,000 posts before it was deleted. It was created in 2019, according to X’s data, meaning it may have been a hacked account repurposed for the scheme. Both accounts constantly asked users to “DM” them—a common tactic used by crypto scammers to lure victims into clicking on malicious links or downloading files. It also asked other crypto accounts to promote it, seemingly to help create a sense of legitimacy.

Perhaps the most surprising part of the whole scheme is that the game’s website actually contained a real, likely stolen, game built on Unity from a crypto project called DeFiTankLand. Kaspersky researchers were ultimately able to download the “beta” of the game and play against bots, despite having issues on the login screen. They found it to be somewhat “tacky” and underwhelming, though, like “shareware games from the early 2000s.”

Unsurprisingly, the researchers didn’t mention receiving NFTs or crypto from the game. If you played it, you probably only got malware, a compromised PC, and an empty crypto wallet.

Source link

#North #Korean #Hackers #Fake #NFT #Game #Infect #PCs #Steal #Crypto

Tags:

More Stories

Logo

The Fund You Absolutely Need This Cycle: 1000X倍 Fund

19 hours ago CryptoInfoNet
Tokengators: A New Nft Adventure From Superpaperthings | Nft Culture | Nft News | Web3 Culture

Introducing TokenGators: SuperPaperThings’ Exciting NFT Adventure | Explore NFT Culture, News, and Web3 Culture

1 day ago CryptoInfoNet
Ubisoft Returns To Nft Gaming With Launch Of Champion Tactics: Grimoria Chronicles 

Ubisoft Re-enters the NFT Gaming Arena with Release of Champion Tactics: Grimoria Chronicles

2 days ago CryptoInfoNet

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

Is Crypto Trading The New Gold Rush? Discover How It Works

Exploring the Modern-Day Gold Rush: Unveiling the Mechanics of Cryptocurrency Trading

2 hours ago CryptoInfoNet
Stablecoin Crypto Report Trend

Future Trends in Stablecoin Cryptocurrency: A Next Generation Report

2 hours ago CryptoInfoNet
Somnia Crypto Blockchain Metaverse

The Metaverse: Embracing a New Era of Blockchain Technology

3 hours ago CryptoInfoNet
North Korean Hackers Used A Fake Nft Game To Infect Pcs, Steal Crypto

Fake NFT Game Used by North Korean Hackers to Infect PCs and Steal Crypto

5 hours ago CryptoInfoNet