North Korean hacking syndicate Lazarus Group is thought to be behind a failed cyberattack on deBridge Finance yesterday.
A suspected hacking attempt from North Korean cybercriminals has been averted.
DeBridge Finance co-founder Alex Smirnov posted on Twitter today that the protocol’s team had been the subject of an attempted cyberattack that may have been engineered by the North Korean hacking syndicate Lazarus Group.
According to Smirnov, several members of the deBridge team received emails yesterday with PDFs attached to them entitled “New Salary Adjustments.” Downloading the file and submitting password information would have unleashed a data-collecting virus on affected computers, and the virus would then have transmitted collected data to an “attacker command center.”
Smirnov claims the PDF title, “New Salary Adjustments,” was used by Lazarus Group hackers in previous cyberattacks; he also warned all teams in Web3 to be on the lookout for similar attacks, believing the campaign to be “widespread.” Smirnov added that the deBridge protocol itself had not been affected by the attempted cyberattack.
Lazarus Group became infamous in the crypto space in March for exploiting Axie Infinity’s Ronin bridge for $550 million, the biggest hack in crypto history. According to DeFiance Capital founder Arthur Cheong, Lazarus Group is only one of multiple state-sponsored North Korean hacking syndicates that are currently targeting the crypto space; Cheong believes “all the prominent organizations” in the industry are at risk. Cybersecurity firm Kaspersky has echoed Cheong’s warnings, claiming that another group called BlueNoroff is targeting crypto startups.
North Korean hacking groups have also used cryptocurrencies in ransomware attacks against other sectors of the economy. Last month, the U.S. Justice Department recovered $500,000 from North Korean hackers who had forced two U.S. hospitals to send ransom money in Bitcoin to regain access to their servers.
Disclosure: At the time of writing, the author of this piece held ETH and several other cryptocurrencies.