Lazarus Group Hackers Steal Crypto from Chrome via Fake NFT Game

North Korean hacker group Lazarus exploited a fake NFT game to hack Chrome and steal cryptocurrency wallets. Using a previously unknown vulnerability, they installed spyware directly from the game’s website, even if users didn’t download it.

Play-to-lose

The game, called DeTankZone (or DeTankWar), used NFT tanks for online battles. It was promoted via LinkedIn and X but turned out to be a trap for installing malware. The hackers cloned an existing game, DeFiTankLand, attracting many users.

Microsoft Security researchers discovered the attack in February and reported the vulnerability to Google, which released a patch. It’s been confirmed that the attackers used a previously undiscovered vulnerability in the V8 JavaScript engine. This was the seventh time a Chrome breach had been used to steal cryptocurrency in 2024 by mid-May.

Lazarus Group has a long history of targeting crypto. Between 2020 and 2023, they laundered over $200 million from 25 attacks, including the $600 million Ronin Bridge hack. With growing interest in NFTs and Web3, the risks for users are increasing. Experts advise thoroughly checking platforms and projects to avoid falling victim to such schemes.

The use of NFTs in attacks highlights the danger of rising interest in tokens among cybercriminals. NFTs are no longer just collectibles — they have become a tool for fraud.

So, stay vigilant and update your browser!