Hackers from North Korea have reportedly found a new victim in DeBridge Finance, a cross-chain interoperability and liquidity transfer protocol, multiple sources disclosed Saturday.
Based on DeBridge’s initial assessment, the attempted cyberattack likely originated from the notorious North Korean hacking syndicate, Lazarus Group.
Several DeBridge team members received a spoofed email containing a PDF file titled “New Salary Adjustments” that was purportedly sent by DeBridge co-founder Alex Smirnov.
According to Smirnov, a significant number of DeBridge staff received emails from the hackers. Once the PDF file was viewed and downloaded, the PCs were infected with malware that collects data.
“Fast investigation revealed that the received script captures several computer-related details and sends them to the attacker’s command and control center,” Smirnov added.
17/ Indicators of Compromise: CnC: www[.]googlesheet[.]info
New Salary Adjustments.pdf (clean): 15a42f76f41c8f4bab828160e4fd39c2
New Salary Adjustments.pdf (with password): 00380fcbb2af75ec177301d44d658bc4
password.txt.lnk: 2eaa53ccb43cd38a1f0a28abcd7f6a30
— deAlex (@AlexSmirnov__) August 5, 2022
Lazarus Hackers Behind High-Profile Attacks In Recent Years
Email spoofing is a type of attack in which a malicious email is made to appear to have originated from a trustworthy source, in this case, the co-founder of the company.
Smirnov asserts that Lazarus Group hackers used the PDF name “New Salary Adjustments” in past hacks, and he cautioned all Web3 teams to remain vigilant for similar intrusions.
Lazarus is responsible for some of the most prominent security breaches in recent years, including the 2014 Sony hack.
The group goes after crypto-based enterprises around the world. It recently targeted Axie Infinity’s Ronin Bridge and carted off more than $622 million, making it the biggest hack in crypto history.
Arthur Cheong, the founder of DeFiance Capital, stated that Lazarus is simply one of numerous cyber syndicates supported by North Korea that are actively targeting the global crypto industry.
David Schwed, CEO of blockchain security firm Halborn, says:
“These types of attacks are pretty prevalent… they rely on the inquisitive character of people by labeling the files something that would spark their curiosity, such as salary information.”
Cybersecurity firm Kaspersky has reiterated Cheong’s warnings, saying that a new group known as BlueNoroff is currently targeting cryptocurrency firms.
Buffett: Cyberattacks Bigger Threat Than Nukes
Recently, the U.S. Justice Department recouped $500,000 from North Korean hackers who compelled two American medical facilities to pay ransoms in Bitcoin.
Warren Buffett, a billionaire businessman and philanthropist, views cybercrime as one of humankind’s biggest problems and cyberattacks as a greater threat to humanity than nuclear or biological weapons.
In April 1955, the contemporary definition of the term “hack” was coined at the Massachusetts Institute of Technology. The Tech published the first recorded mention of computer (phone) hacking in 1963.
Over the past few decades, the evolution of the world’s threat landscape, from phone systems to a massive datasphere, has eclipsed humanity’s capacity to safeguard it.