FlagThis

CyberSecurity updates
Updated: 2024-11-06 21:05:00 Pacfic
securityaffairs.com
North Korean Hackers Targeting Cryptocurrency Sector - 6d
Read more: securityaffairs.com

North Korean hackers, identified as “Citrine Sleet” or “Labyrinth Chollima”, exploited a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution (RCE) capabilities. This attack targeted the cryptocurrency sector for financial gain, highlighting the persistent threat posed by North Korea in the cyber domain.

References:
  • cyberinsider.com - North Korean Hackers ‘Citrine Sleet’ Exploited Zero-Day in Chrome - 6d
  • @BleepingComputer - North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. - 5d
  • securityaffairs.com - North Korea-linked APT exploited Chrome zero-day to deliver FudModule rootkit - 5d
  • @patrickcmiller - North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit - Security Affairs - 4d
  • www.microsoft.com - North Korean threat actor Citrine Sleet exploiting Chromium zero-day - 4d

Classification:
  • Company: Google
  • Target: Cryptocurrency sector
  • Attacker: Citrine Sleet
  • Product: Chrome
  • Feature: Zero-day
  • Type: Malware
  • Severity: Major

This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find FlagThis at Mastodon.