"North Korea's 'Citrine Sleet' APT Exploits Zero-Day Chromium Bug"

Last month, a North Korean intelligence threat actor exploited two novel vulnerabilities to steal from the cryptocurrency industry and fund the Kim Jong Un regime. Microsoft has revealed that an Advanced Persistent Threat (APT) within Bureau 121 of North Korea's Reconnaissance General Bureau, tracked as "Citrine Sleet," chained together previously unknown flaws in Windows and Chromium browsers. They also used a rootkit to gain deep system access before stealing from targets. This article continues to discuss findings regarding the Citrine Sleet APT.

Dark Reading reports "North Korea's 'Citrine Sleet' APT Exploits Zero-Day Chromium Bug"

Submitted by grigby1