North Korean hackers have reportedly identified a new victim in DeBridge Finance, an inter-chain liquidity transfer and interoperability protocol, multiple sources revealed on Saturday.
Based on DeBridge’s initial assessment, the attempted cyberattack likely came from the notorious North Korean hacking syndicate, Lazarus Group.
Several members of the DeBridge team received a fake email containing a PDF file titled “New Salary Adjustments” purportedly sent by DeBridge co-founder Alex Smirnov.
According to Smirnov, a significant number of DeBridge staff received emails from the hackers. Computers on which the PDF file was viewed and downloaded were infected with data-collecting malware.
“Quick investigation revealed that the received script captures several details related to the computer and sends them to the attacker’s command and control center,” Smirnov added.
17/ Compromise Indicators: CnC: www[.]googlesheet[.]information
New salary adjustments.pdf (net): 15a42f76f41c8f4bab828160e4fd39c2
New salary revisions.pdf (with code): 00380fcbb2af75ec177301d44d658bc4
— deAlex (@AlexSmirnov__) August 5, 2022
Lazarus Hackers behind high-profile attacks in recent years
Email spoofing is a type of attack where a malicious email appears to come from a trusted source, in this case, the company’s co-founder.
Smirnov claims that the Lazarus Group hackers used the PDF name “New Salary Adjustments” in previous hacks and warned all Web3 groups to remain vigilant for similar hacks.
Lazarus is responsible for some of the most high-profile security breaches in recent years, including the Sony hack in 2014.
The group pursues crypto-based businesses around the world. It recently targeted Axie Infinity’s Ronin Bridge and took more than $622 million, making it the biggest hack in cryptocurrency history.
Arthur Cheong, founder of DeFiance Capital, said that Lazarus is just one of numerous North Korean-backed cyber syndicates that are actively targeting the global crypto industry.
David Schwed, CEO of blockchain security firm Halborn, says:
“These types of attacks are quite common … they rely on people’s inquisitive nature, pointing to files that would pique their curiosity, such as salary information.”
Cybersecurity firm Kaspersky echoed Cheong’s warnings, saying that a new group known as BlueNoroff is currently targeting cryptocurrency companies.
Buffett: Cyberattacks greater threat than nuclear
Recently, the US Department of Justice recovered $500,000 from North Korean hackers who forced two US medical facilities to pay ransoms in Bitcoin.
Warren Buffett, a billionaire businessman and philanthropist, sees cybercrime as one of humanity’s greatest problems and cyberattacks as a greater threat to humanity than nuclear or biological weapons.
In April 1955, the modern definition of the term “hack” was coined at the Massachusetts Institute of Technology. The Tech published the first recorded report of computer (phone) hacking in 1963.
The evolution of the global threat landscape – from phone systems to a vast data sphere – has eclipsed humanity’s ability to protect it in recent decades.
Crypto total market cap at $1.07 trillion on the daily chart | Source: TradingView.com