Oddbean new post about | logout
 Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space.

Kaspersky discovered the attacks on May 13, 2024, and reported the Chrome zero-day flaw to Google.

Google issued a fix for CVE-2024-4947 on May 25, with Chrome version 125.0.6422.60/.61.

See more: https://www.bleepingcomputer.com/news/security/lazarus-hackers-used-fake-defi-game-to-exploit-google-chrome-zero-day/

#cybersecurity #security