Sunday, June 23, 2024

North Korea’s Lazarus Group strikes again – DeBridge Finance.

The infamous Lazarus Group which operates from North Korea has struck again, and this time the victim is DeBridge Finance, a cross-chain interoperability and liquidity protocol.

Alex Smirnov, the co-founder and project lead at DeBridge Finance, revealed in a tweet that the platform has been subjected to an attempted cyberattack, apparently by the Lazarus group. The attack is believed to have come through a spoofed email. It contained a PDF file named “New Salary Adjustments” which appeared to have come from Smirov. Experts describe email spoofing as a form of attack wherein a malicious email is manipulated to look like it’s from an original source. Smirnov said DeBridge Finance has strict internal security policies. It works on improving as well as educating the team about the possible attack vectors.

The executive outlined that a person had downloaded and opened the file, and this triggered an attack on the firm’s internal systems. A probe was launched to determine how the hackers intended the exploit to work, and the potential consequences. Smirnov says DeBridge Finance’s analysis showed that the received code collects a lot of information about the PC and exports it to the attacker’s command center – username, OS info, CPU info, network adapters, and running processes. Smirnov had compared the DeBridge Finance attempted hack to similar characteristics used by the North Korean hacker group. The Lazarus Group is notorious for high-profile crypto hacks, including the $622 million Axie Infinity and the Harmony Horizon Bridge hack.

Smirnov warned followers to never open email attachments without verifying the sender’s full email address. He advised followers to have an internal protocol for how their team shares attachments. David Schwed, chief operating officer of Halborn, says these types of attacks are common. It relies on the inquisition nature of people by naming the files something that would pique their interest. Schwed said there are more and more of these types of attacks targeting blockchain companies due to the immutability of blockchain transactions.

Cryptured Team
Cryptured Team
The writers team at Cryptured.com is composed of passionate and experienced journalists who cover the latest developments in the crypto and blockchain space. They aim to provide accurate, unbiased and easy-to-understand news and information for their readers, as well as insights and analysis from industry experts. The writers team is always on the lookout for new and exciting stories that can help the general public learn more about the potential and challenges of these technologies.
RELATED ARTICLES

Most Popular