Lazarus 加密货币黑客组织在网上重新浮出水面

Lazarus Group 是一个臭名昭著的黑客组织，由数量不详的人员组成，据称由朝鲜政府运营

The Lazarus Group, a state-sponsored North Korean hacker group, has resurfaced after months of silence. In its latest attack, the group used a fake, non-fungible token (NFT)-based game on Google Chrome to install spyware that stole crypto and NFT wallet credentials.

朝鲜国家资助的黑客组织拉撒路集团 (Lazarus Group) 在沉寂数月后重新浮出水面。在最新的攻击中，该组织在 Google Chrome 上使用虚假的、基于不可替代代币 (NFT) 的游戏来安装窃取加密货币和 NFT 钱包凭证的间谍软件。

According to an Oct. 24 blog post by Cointelegraph, the Lazarus hacker group has resurfaced online after several months "underwater." The group began by launching a fake NFT game on Chrome that installed spyware designed to pilfer sensitive data from crypto users engaging with the fake game.

根据 Cointelegraph 10 月 24 日的一篇博客文章，Lazarus 黑客组织在“水下”几个月后重新出现在网上。该组织首先在 Chrome 上推出一款虚假 NFT 游戏，该游戏安装了间谍软件，旨在窃取参与虚假游戏的加密货币用户的敏感数据。

The #NorthKorean #Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. #Hacking #cybersecurityhttps://t.co/wMBJUipAq4

#NorthKorean #Lazarus 黑客组织通过针对加密货币领域个人的虚假去中心化金融 (DeFi) 游戏，利用了追踪为 CVE-2024-4947 的 Google Chrome 零日漏洞。 #黑客#网络安全https://t.co/wMBJUipAq4

— Anonymous🐾🐈‍⬛ (@YourAnonRiots) October 23, 2024

- 匿名🐾🐈‍⬛ (@YourAnonRiots) 2024 年 10 月 23 日

The Lazarus Group is a North Korean state-sponsored cyber threat group linked to the North Korean Reconnaissance General Bureau (RGB). The NKRGB is tasked with espionage, covert operations and cyber activities. Throughout its existence, the RGB has dedicated significant efforts to gathering intelligence and attempting to infiltrate crypto funds in South Korea, the United States and Japan.

Lazarus Group 是朝鲜国家支持的网络威胁组织，与朝鲜侦察总局 (RGB) 有联系。 NKRGB 的任务是从事间谍活动、秘密行动和网络活动。自成立以来，RGB 一直致力于收集情报并试图渗透韩国、美国和日本的加密货币基金。

The Lazarus Group gained notoriety in 2021 when it was officially named by the Federal Bureau of Investigation (FBI) as the perpetrator of a breach on Sky Mavis, the developer of the popular blockchain-based video game Axie Infinity, which resulted in the theft of digital assets worth hundreds of millions of dollars. As of December 2023, North Korean hackers had stolen over $3 billion in crypto heists.

Lazarus 集团于 2021 年被美国联邦调查局 (FBI) 正式认定为对流行的区块链视频游戏 Axie Infinity 的开发商 Sky Mavis 进行数据泄露事件的肇事者，该事件导致其被盗。价值数亿美元的数字资产。截至 2023 年 12 月，朝鲜黑客通过加密货币盗窃窃取了超过 30 亿美元。

The Lazarus hacker group strikes again in 2024

Lazarus黑客组织2024年再次发动袭击

The exploit was noticed by Kaspersky Labs analysts in May and reported to Google, which fixed it several days later, as per the Cointelegraph report. The hackers launched a play-to-earn multiplayer online battle arena (MOBA) game and advertised it on LinkedIn and X. The game, which was a DeTankZone knockoff, featured NFTs used as tanks in a global competition. The fake NFT game was initially discovered and flagged by the Microsoft Security Team in February 2024.

据 Cointelegraph 报道，卡巴斯基实验室分析师在 5 月份注意到了该漏洞，并向谷歌报告，谷歌在几天后修复了该漏洞。黑客推出了一款通过玩来赚钱的多人在线竞技场 (MOBA) 游戏，并在 LinkedIn 和 X 上进行了广告。这款游戏是 DeTankZone 的山寨版，其特色是在全球比赛中将 NFT 用作坦克。这款假冒 NFT 游戏最初由微软安全团队于 2024 年 2 月发现并标记。

Screenshot from Lazarus Group’s fake game. Source: SecureList

Lazarus Group 假游戏的屏幕截图。来源：SecureList

However, by the time Kaspersky planned to analyze the exploit, the North Korean hackers had already removed it from the website. Regardless, the Kaspersky Labs analysts notified Google about it, and Google patched the vulnerability in Chrome before the hackers could reuse the exploit.

然而，当卡巴斯基计划分析该漏洞时，朝鲜黑客已将其从网站上删除。不管怎样，卡巴斯基实验室的分析师将此事通知了谷歌，谷歌在黑客重新利用该漏洞之前修补了 Chrome 中的漏洞。

In the meantime, the total number of victims affected by this breach remains unknown. Users who previously interacted with the game are advised to reset all their passwords.

与此同时，受此漏洞影响的受害者总数仍不清楚。建议之前接触过游戏的用户重置所有密码。

Related NFT News:

相关 NFT 新闻：