- DeBridge Finance fended off a cyberattack yesterday, according to co-founder Alex Smirnov.
- The modus operandi suggests the entity behind the attempted attack may be the North Korean hacking syndicate Lazarus Group.
- Lazarus Group is the criminal organization responsible for Axie Infinity’s $550 million Ronin bridge hack.
Share this article
North Korean hacking syndicate Lazarus Group is thought to be behind a failed cyberattack on deBridge Finance yesterday.
A suspected hacking attempt from North Korean cybercriminals has been averted.
DeBridge Finance co-founder Alex Smirnov posted on Twitter today that the protocol’s team had been the subject of an attempted cyberattack that may have been engineered by the North Korean hacking syndicate Lazarus Group.
According to Smirnov, several members of the deBridge team received emails yesterday with PDFs attached to them entitled “New Salary Adjustments.” Downloading the file and submitting password information would have unleashed a data-collecting virus on affected computers, and the virus would then have transmitted collected data to an “attacker command center.”
Smirnov claims the PDF titles, “New Salary Adjustments,” were used by Lazarus Group hackers in previous cyberattacks; he further warned all teams in Web3 to keep on the lookout for similar attacks, believing the campaign to be “widespread.” The deBridge protocol itself had not been affected by the attempted cyberattack, assured Smirnov.
Lazarus Group became infamous in the crypto space in March for exploiting Axie Infinity’s Ronin bridge for $550 million, the biggest hack in crypto history. According to DeFiance Capital founder Arthur Cheong, Lazarus Group is only one of multiple state-sponsored North Korean hacking syndicates that are currently targeting the crypto space; Cheong believes “all the prominent organizations” in the industry are at risk. Cybersecurity firm Kaspersky has echoed Cheong’s warnings, claiming that another group called BlueNoroff is targeting crypto startups.
North Korean hacking groups have also used cryptocurrencies in ransomware attacks against other sectors of the economy. Last month, the US Justice Department recovered $500,000 from North Korean hackers who had forced two US hospitals to send ransom money in Bitcoin to regain access to their servers.
Disclosure: At the time of writing, the author of this piece held ETH and several other cryptocurrencies.