The North Korean hackers have been behind some of the high-profile crypto attacks.
DeBridge Finance which provides a cross-chain interoperability and liquidity protocol for transferring data and assets between blockchains was recently targeted by North Korean hackers Lazarus Group.
Company’s Co-founder and Project Lead Alex Smirnov, took to Twitter to report that his company was the target of a cyber attack by ill-famous group.
In a long Twitter thread Alex explained how the company was targeted. He wrote, “DeBridge has been the subject of an attempted cyberattack, apparently by the Lazarus group. PSA for all teams in Web3, this campaign is likely widespread.”
He added,”The attack vector was via email, with several of our team receiving a PDF file named “New Salary Adjustments” from an email address spoofing mine.”
Email spoofing as the name suggest is form of cyber attack in which the hacker sends a manipulated email that seems to have been sent from a trusted source.
Smirnov pointed out that even though all the other team members immediately reported the mail, one colleague downloaded and opened the file.
He pointed out, “This made us investigate the attack vector to understand how exactly it was supposed to work and what the consequences would be. Attack won’t infect macOS users: opening this link on a Mac leads to zip archive with the normal PDF file Adjustments.”
Lazarus Group has been behind several high-profile crypto cyber attack including the famous the $622 million Axie Infinity, Ronin Ethereum sidechain hack in March and the Harmony Horizon Bridge hack in June.
According to chief operating officer of blockchain security firm Halborn, David Schwed, “¨These types of attacks are fairly common, They rely on the inquisitive nature of people by naming the files something that would pique their interest, such as salary information.”
Blockchain companies are facing more and more such attacks because of the heightened stakes due to the immutability of blockchain transactions.