Friday, December 9, 2022

deBridge Finance warns cross-chain bridges after failed Lazarus Group attack

Hacking groups continue to target Web3 companies and cross-chain protocols like Chainlink, as deBridge Finance explains an unsuccessful attack that was carried out by North Korean hackers from the Lazarus Group. While describing the attack, the deBridge team also warned cross-chain bridges to beware of such hacking attempts.

On August 5, deBridge Finance employees received what appeared to be a typical email from co-founder Alex Smirnov. With numerous crypto companies implementing staff reductions and pay cuts during the ongoing crypto winter, an attachment titled “New Salary Adjustments” was bound to create interest. The co-founder explored the nuances of the attempted phishing attack in a lengthy Twitter thread published on August 5 as a warning to the larger Bitcoin and Web3 communities.

Smirnov’s team determined that the attack did not infect macOS users, because attempting to open the link on a Mac would generate a zip archive containing a regular PDF file, Adjustments.pdf. However, as Smirnov explained:

“Windows-based systems are vulnerable. User opens password.txt.lnk and infects the entire system. Running the cmd.exe command to scan the system for antivirus software corrupts text files. If your system is unprotected, the malicious file will be saved in your startup folder and communicate with the attacker for instructions.”

The deBridge team allowed the script to receive instructions but disabled its ability to execute commands. The code was found to collect a large amount of information about the system and export it to the attacker. Under normal circumstances, the attacker would be able to execute code on the infected computer from this point on. Smirnov pointed to previous research into a phishing attack conducted by the Lazarus Group that used the same filename.
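The Windows lure described above depends on a shortcut named to look like a text file (password.txt.lnk). As an added example (not code from deBridge or from the original article), the following Python check flags such double-extension names in an archive before a user opens it. It assumes the files arrive inside a zip attachment or download; the extension lists, function names and sample archive are constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs or resolves on double-click. Explorer hides ".lnk"
# even when "show file extensions" is enabled, so only the decoy part is seen.
RISKY_FINAL = {".lnk", ".scr", ".js", ".vbs", ".hta", ".bat", ".cmd", ".exe"}
# Harmless-looking extensions used as the visible, decoy part of the name.
DECOY_INNER = {".txt", ".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png"}


def classify_name(name):
    """Return 'disguised', 'risky' or 'ok' for one file name."""
    path = PurePosixPath(name.replace("\\", "/"))
    suffixes = [s.lower() for s in path.suffixes]
    if not suffixes or suffixes[-1] not in RISKY_FINAL:
        return "ok"
    if len(suffixes) >= 2 and suffixes[-2] in DECOY_INNER:
        return "disguised"  # e.g. password.txt.lnk
    return "risky"


def scan_zip(data):
    """Map each flagged member of a zip (given as bytes) to its verdict."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            verdict = classify_name(info.filename)
            if verdict != "ok":
                findings[info.filename] = verdict
    return findings


def build_sample_zip():
    """Constructed sample: file names from the article, dummy contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Adjustments.pdf", b"%PDF-1.4 placeholder")
        zf.writestr("password.txt.lnk", b"placeholder, not a real shortcut")
        zf.writestr("notes/readme.txt", b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for member, verdict in scan_zip(build_sample_zip()).items():
        print(f"{verdict}: {member}")
```

A mail gateway or download-quarantine hook can call `scan_zip` on the attachment bytes and hold anything reported as `disguised` for review.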

Blockchain analysis firm Chainalysis highlighted that cross-chain bridge hacks have surged in 2022. This year, there have been 13 attacks that have stolen more than $2 billion in crypto, accounting for nearly 70% of stolen funds.


Vaishali Goel
Technology enthusiast, explorer and academic scholar. Currently exploring the crypto world. Join me in my journey to see how crypto, NFT and Metaverse will change the world.