The hackers created fake websites of crypto trading platforms. These sites were then used to spread fake job openings or lured into downloading wallets or trading apps.
The attack began the moment the site was visited, at which time the malicious code would begin executing.
Taking advantage of another vulnerability in the Windows kernel, hackers installed a rootkit on the victim’s computer. At this point, the victim has virtually no chance of defending themselves, and the hackers can take full control of their computer.
The first use of the bug was reported on August 19, and the problem was fixed on August 21.
The Citrine Sleet group was behind the hack.
The number of people affected is unknown.