A recent Chrome update takes care of a high-risk flaw that could have been weaponized by North Korean threat actors in attacks against security researchers.
Breadcrumbs leading to North Korean hackers
The vulnerability was first reported by security analyst Mattias Buelens in late January 2021. At that point, Google admitted it was aware of a viable exploit for this bug that was being harnessed in the wild. Furthermore, the tech giant’s Threat Analysis Group (TAG) shortly published an article describing an attack chain used by a high-profile hacker gang based in North Korea. According to these findings, the government-funded cybercrime crew zeroed in on researchers involved in vulnerability analysis initiatives.
The crooks have been reportedly using social media channels to lure their targets into visiting a malware-riddled blog under the guise of cooperation proposals. When visited from an unpatched version of Chrome (older than v88.0.4324.150), the site would trigger an exploit that quietly executed malicious code in the system and kept a loophole opened for further exploitation. Since some security-minded folks have fallen for this trick, regular users could be much easier prey.
With that said, it’s strongly recommended to head to the browser’s settings, open ‘Help’, select ‘About Google Chrome’, and ascertain that the latest build is already installed. If it’s not, the right time to update is now.