Google Chrome update patches scary zero-day vulnerability — North Korean hackers suspected

Google Chrome app logo on a smartphone screen
(Image credit: Google)

Google has released a Chrome browser update to patch a zero-day vulnerability that security researchers suspect is part of a hacking campaign carried out by North Korean hackers.

The bug, known as CVE-2021-21148, is said to be fixed by Chrome update 88.0.4324.150, although details about it are to "be kept restricted until a majority of users are updated with a fix." However, Google is aware of reports that CVE-2021-21148 exists in the wild. The update for Chrome (top-right corner of the browser) will be available for Windows, Mac and Linux. 

North Korean hackers

While Google has yet to specifically provide details, CVE-2021-21148 was reported on January 24 by Mattias Buelens, a day after Google's Threat Analysis Group (TAG) and Microsoft reported North Korean hackers launched an attack against the cyber-security community (via The Hacker News).

The purpose of the hacker attack is reportedly to install a backdoor on Windows, and it was done by North Korean hackers luring security researchers to visit a fake research blog. Microsoft had reported on January 28 that this was most likely due to the Chrome zero-day bug CVE-2021-21148.

A zero-day vulnerability is a term used when a computer software vulnerability, usually bugs or malware, is unknown to those who would be trying to fix it. This makes it very dangerous as it lets hackers rampage while security groups are none the wiser.

The events all seem to lead to Google's new Chrome update, so it goes without saying that it's best to update the browser as soon as possible. Google has also stated it won't fully release details "if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed."

Those looking for extra privacy and protection when online should look into subscribing to one of the best VPN services.  

Darragh Murphy

Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it's connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag.