North Korean hackers attacked the deBridge cross-chain protocol
Hackers sent out phishing software through the fake email of the project’s co-founder
06.08.2022 - 10:30
239
2 min
0
What’s new? deBridge, a cross-chain protocol, has been subjected to a phishing attack. The project’s co-founder Alex Smirnov said on Twitter that the hacking attempt was repelled, he suggests that North Korean hackers from the Lazarus group may have been behind it. According to him, the hackers sent out emails with malware through the fake email of one of the company’s co-founders.
1/ @deBridgeFinance has been the subject of an attempted cyberattack, apparently by the Lazarus group.PSA for all teams in Web3, this campaign is likely widespread. pic.twitter.com/P5bxY46O6m— deAlex (@AlexSmirnov__) August 5, 2022
More details about the hack. According to Smirnov, several members of the deBridge team received emails on August 5 with PDF files attached to them titled “New Salary Adjustments.” When downloading the file, a virus was activated that steals all data from the device.
The co-founder of deBridge also warned all the other teams in Web 3.0 to watch out for such cases. In his opinion, such mailings could be part of a larger attack. Smirnov assured that the protocol itself was not affected.
The biggest hack in 2022 was carried out in roughly the same way. In March, the Ronin Network’s sidechain underlying the Axie Infinity blockchain game lost $625 million. Hackers sent a PDF file containing malware disguised as an offer to one of the employees of the company developer of the game, and as a result, they managed to access several of the network’s validators. The US government later linked the incident to the Lazarus group.
In June, analysts at Elliptic said that hackers from Lazarus could also be behind the Horizon Bridge hack on the Harmony network. The network lost $100 million as a result of the attack. According to experts, the hacking and laundering tactics were similar to other incidents involving hackers from the DPRK. The exploit itself was probably perpetrated using social engineering techniques.
Useful material?
Market
Tether Finance division will be responsible for the issuance and redemption of USDT stablecoins
Apr 18, 2024
Trends
The first project introduced on the platform will be BounceBit (BB)
Apr 18, 2024
Business
The rate exchange of the native ACH token reacted with a 10% increase
Apr 18, 2024
Market
Miners are hunting for the first block after halving as the value of the first satoshi could exceed $1 million
Apr 18, 2024
Market
The platform will be non-custodial and accessible to everyone
Apr 15, 2024
Market
China Asset Management, Harvest Global Investments, and Bosera Asset Management have received permits
Apr 15, 2024