North Korean hackers attempted to steal cryptocurrencies by exploiting a previously unknown vulnerability in Chrome-based browsers on August 19, according to a report published by Microsoft.
The vulnerability, which was quickly patched by Google on August 21, posed a significant threat to the cryptocurrency industry.
“We assess with high confidence that the observed breach is attributable to a North Korean threat actor targeting the cryptocurrency industry for financial gain,” Microsoft's report said.
The hackers were linked to a group known as Citrine Sleet, which has a history of exploiting vulnerabilities in the crypto industry. Citrine Sleet is reportedly affiliated with the 121st Bureau of the Reconnaissance General Bureau, a notorious cyberwarfare unit of North Korea.
The incident is part of a broader pattern of cyberattacks attributed to North Korea. A recent UN Security Council report found that North Korean hackers stole $3 billion in crypto assets over the past seven years through 58 suspected cyberattackers. The US government has warned that these hackers will continue to target vulnerabilities in crypto firms, gaming companies and exchanges to generate and launder funds.
Citrine Sleet is known for specifically targeting financial institutions that manage cryptocurrencies. The group uses a unique trojan malware called AppleJeus, designed to gather information needed to take control of victims’ crypto assets.
*This is not investment advice.