deBridge Blames Lazarus Hackers for Attempted Cyberattack
It seems like cyber attacks and hackers are daily news in the crypto world.
deBridge Finance, a cross-chain interoperability and liquidity transfer protocol, has fallen victim to a cyber attack targeting the company’s employees.
According to a Twitter thread posted by deBridge founder Alex Smirnov, a handful of deBridge employees received emails titled “New Salary Changes” that pretended to come from Smirnov’s email address.
Most of the employees suspected that the email had been sent with malicious intent and therefore did not open it. However, one employee fell for it and downloaded the attached PDF document.
As a result, the company has had to analyze the attack in great detail.
On Twitter, Smirnov states that the attack does not work on macOS, where it opens a regular PDF file. On the other hand, opening the file on a Windows operating system infects the entire system. The user first downloads an archive file containing a password-protected PDF file and a file named “password”.
According to Smirnov, the attack works as follows: “the user opens a link from an email -> downloads & opens the archive -> tries to open the PDF file, but the PDF asks for a password -> the user opens password.txt.lnk and infects the whole system”.
deBridge’s research showed that it is the “text” file that harms the system. It first checks for antivirus software. If the computer is not protected, it activates and starts communicating with the attacker to receive commands.
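The archive layout Smirnov describes, a shortcut posing as a text file next to a locked PDF, is something a mail gateway or triage script can flag before a user opens it. The following is an added example, not code from deBridge or the original article; the decoy-extension list, function names and sample archive contents are constructed assumptions.

```python
import io
import os
import zipfile

# First 20 bytes of every Windows shortcut (MS-SHLLINK header):
# HeaderSize 0x0000004C followed by LinkCLSID 00021401-0000-0000-C000-000000000046.
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
# Extensions a user reads as a harmless document (assumed list, extend as needed).
DECOY_EXTS = {".txt", ".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png"}


def find_disguised_shortcuts(archive_bytes):
    """Return (member_name, reason) pairs for shortcut files inside a ZIP archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = os.path.basename(info.filename).lower()
            if name.endswith(".lnk"):
                # Explorer never displays ".lnk", so "password.txt.lnk" shows as "password.txt".
                inner_ext = os.path.splitext(name[:-4])[1]
                decoy = inner_ext in DECOY_EXTS
                reason = "double extension hides shortcut" if decoy else "shortcut in archive"
                findings.append((info.filename, reason))
                continue
            if info.flag_bits & 0x1:  # encrypted member: content cannot be inspected
                continue
            with zf.open(info) as fh:
                if fh.read(len(LNK_MAGIC)) == LNK_MAGIC:
                    findings.append((info.filename, "shortcut content under another extension"))
    return findings


def build_sample_archive():
    """Constructed sample that mirrors the layout described in the article."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("document.pdf", b"%PDF-1.7\n% constructed decoy\n")
        zf.writestr("password.txt.lnk", LNK_MAGIC + b"\x00" * 56)
        zf.writestr("notes.txt", b"plain text, constructed\n")
        zf.writestr("readme.txt", LNK_MAGIC + b"\x00" * 56)  # renamed shortcut
    return buf.getvalue()


if __name__ == "__main__":
    for member, reason in find_disguised_shortcuts(build_sample_archive()):
        print(f"{member}: {reason}")
```

Checking the header bytes as well as the name catches a shortcut that has been renamed to a different extension inside the archive.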
Smirnov argues that the file names used in this attack matched the file names used by the Lazarus Group to carry out their hack.
Lazarus Group and its hackers usually target DeFi projects and the crypto industry. Back in June, the North Korean cybercriminal group was linked to the $100 million heist of Harmony’s Horizon Bridge.