“North Korean Hackers Attack Chrome Security Vulnerability to Steal Cryptocurrency”

It has been discovered that North Korean hackers have focused their attacks on security vulnerabilities in Google’s Internet browser, Chrome, in the process of stealing virtual currency held by institutions and individuals around the world.

According to a report released by Microsoft (MS) on the 30th of last month (local time), a North Korean hacker group called ‘Citrin Slit’ mainly targeted security vulnerabilities in the Chrome browser during the process of attacking institutions and individuals holding virtual currency early last month.

Hackers created fake sites and pretended to be legitimate cryptocurrency trading platforms, and induced victims who accessed the sites to download fake applications (apps) with malicious code. After infecting the victims’ computers or mobile phones with malicious code, the hackers stole various personal information necessary for cryptocurrency theft.

MS is presuming that ‘Citrin Slit’ is affiliated with the 121st Bureau of the Reconnaissance General Bureau, which directs North Korea’s cyber terrorism. MS reported this fact to Google on the 19th of last month, but Google said it was not aware of it until then. The amount of virtual currency stolen by the hackers of ‘Citrin Slit’ by attacking Chrome’s security vulnerability has not yet been confirmed.

In relation to this, Shin Won-sik, the director of the National Security Office, held a briefing at the presidential office in Yongsan on the 1st and announced that he would be pushing forward with the ‘National Cyber ​​Security Basic Plan’ to aggressively respond to cyber ‘influence operations’ by hostile forces such as North Korea. To this end, he decided to strengthen self-regulation by platform operators such as Naver and YouTube to eradicate false information and to establish a global cyber cooperation system.

The basic plan, jointly established by 14 ministries including the Ministry of Foreign Affairs, the Ministry of National Defense, and the National Intelligence Service, includes the promotion of the enactment of the ‘Basic Cyber ​​Security Act’ to investigate and respond to threat actors such as hacking organizations, and the development of cybercrime investigation techniques such as theft of virtual assets. A government official stated, “We are trying to regulate the content that domestic intelligence investigation agencies can use against international hacking organizations and state-sponsored hacking organizations.”