Security News > 2024 > October > Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
2024-10-23 18:03
The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. [...]
News URL
Related news
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Google Chrome is making it easier to share specific parts of long PDFs (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Google Chrome disables uBlock Origin for some in Manifest v3 rollout (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-15 | CVE-2024-4947 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 9.6 |