Google researchers found that two North Korean hacking groups exploited a remote code execution 0-day vulnerability in the Chrome browser for more than a month to attack news media, IT companies, cryptocurrencies and fintech institutions.
Operation AppleJeus used the same exploit kit to attack 85 users in the cryptocurrency and fintech industries and successfully compromise at least 2 fintech company websites with hidden iframes.
The researchers also found that attackers set up fake websites to spread trojanized cryptocurrency apps, hiding iframes and pointing visitors to exploit kits.