North Korean hackers exploit Chrome zero-day vulnerability to attack cryptocurrency users

ChainCatcher message, Microsoft cybersecurity researchers have discovered a zero-day vulnerability in the Chromium engine, which powers browsers like Chrome. This vulnerability has been exploited by a North Korean hacker group known as Citrine Sleet, specifically targeting cryptocurrency users. Citrine Sleet has used a rootkit malware called FudModule to create fake cryptocurrency trading platform websites, luring users into downloading malware or weaponized cryptocurrency wallets, thereby gaining remote code execution access to steal the victims' crypto assets. This vulnerability was patched on August 21, and users are urged to update their browsers as soon as possible to ensure safety. This is the third exploited Chromium zero-day vulnerability this year.