Microsoft says North Korean hackers stole crypto through Chromium

A vulnerability on multiple web browsers was exploited by the Citrine Sleet threat actor to steal crypto from its victims, according to Microsoft.

A Microsoft report claims a North Korean threat actor has been exploiting a flaw on Chromium to steal cryptocurrency.

The company’s security blog attributed the exploitation of this bug “with medium confidence” to Citrine Sleet, a cyberattacker that primarily targets financial institutions – particularly those in the crypto sector – for financial gain. Microsoft said Citrine Sleet has been connected to North Korea’s Reconnaissance General Bureau.

The group has been observed exploiting a bug on the open-source browser project Chromium to infect victims with malware.

Read more at Silicon Republic.