
North Korean hackers use Chromium zero-day to attack systems


TLDR:

  • North Korean threat actor Citrine Sleet exploited a zero-day vulnerability in the Chromium browser, known as CVE-2024-7971, for financial gain in the cryptocurrency sector.
  • Microsoft has attributed the exploitation to Citrine Sleet with high confidence, linking the threat actor to the deployment of the FudModule rootkit.

Microsoft discovered that North Korean threat actor Citrine Sleet exploited a zero-day vulnerability in the Chromium browser, identified as CVE-2024-7971. The vulnerability allowed remote code execution in the sandboxed Chromium renderer process. Citrine Sleet primarily targets the cryptocurrency sector for financial gain, and the attack followed the typical stages of a browser exploit chain, directing targets to the actor's exploit domain. Microsoft attributes the exploitation of CVE-2024-7971 to Citrine Sleet with high confidence and links the threat actor to the deployment of the FudModule rootkit. Organizations are urged to implement recommended mitigations and stay vigilant against evolving cyber threats in the cryptocurrency sector.
