They also uncovered a network of North Korean developers allegedly involved in legitimate crypto projects, reportedly earning substantial monthly incomes.
The deceptive game, named DeTankZone or DeTankWar, featured non-fungible tokens (NFTs) to entice users. Analysts Vasily Berdnikov and Boris Larin explained that the hackers led victims to a malicious site that deployed Manuscript malware, allowing them to capture sensitive information like passwords and authentication tokens stored in Chrome. This facilitated the theft of users' crypto assets.
Kaspersky's team identified these tactics in May and promptly notified Google. However, it took the tech giant 12 days to patch the critical vulnerability, during which the Lazarus Group continued their exploits, exacerbating the situation.