Scam Alert

Lazarus Group Tried To Hack The deBridge Finance Network

The co-founder of deBridge Finance accused Lazarus Group of being the culprit in this cross-banana protocol attack through an email containing a malicious file.

deBridge becomes the next target of Lazarus Group

The notorious hacking organization, backed by North Korea, Lazarus group has been identified as the perpetrator of a cyber attack against deBridge Finance. Cross-chain protocol co-founder and project lead, Alex Smirnov, alleges that the attack vector was through an email, in which several team members received a PDF file titled “New Salary Adjustment” from a fake address that copies the CEO’s address.

While deBridge Finance tries to prevent the phishing attack, Smirnov warns that the fraud campaign is likely to broadly target Web3-focused platforms.

According to a long Twitter thread by moderators, most team members immediately flagged the email as suspicious, but one person downloaded and opened the file. This helped them investigate the attack vector and understand its consequences.

Smirnov further explains that macOS users are safe, as opening the link on a Mac will result in a zip archive with the normal PDF file Adjustments.pdf. On the other hand, the Windows system is not immune to dangers. Instead, Windows users will be redirected to an archive with a suspicious password-protected pdf file with the same name and an additional file named Password.txt.lnk.

The text file will basically infect the system. Therefore, the lack of anti-virus software will help the malicious file to enter the machine and will be saved in the autostart folder, after which a simple script will start sending repeated requests to communicate with the attacker to receive instructions.

“The attack vector is as follows: user opens a link from email -> downloads & opens archive -> tries to open PDF, but PDF asks for a password -> user opens password.txt.lnk and infects the whole system.”

The co-founder then urged the firms and their employees to never open email attachments without verifying the sender’s full email address and to have an internal protocol for how teams share attachments.

“Please stay SAFU and share this thread to let everyone know about potential attacks.”

It can be seen that cross-chain protocols have always been the main target of this criminal organization. This latest attack has almost the same implementation method as previous attacks done by this organization.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Foxy

CoinCu News

Victor

Recent Posts

Best Altcoins to Buy for 2025: Qubetics Presale Surge, Solana’s Lightning Speed, and Cardano’s Blockchain Revolution

Discover why Qubetics, Solana, and Cardano are redefining the crypto landscape. Learn about milestones, price…

9 minutes ago

Why Qubetics, NEAR Protocol, and IMX Are Dominating Crypto: The Best Altcoins to Join Today for Game-Changing Returns 

Discover why Qubetics, NEAR Protocol, and Immutable X are the best altcoins to join today,…

2 hours ago

Bonk’s ICO Was Just the Start: Why BTFD Coin’s Stage 7 Price Rollback Is Your Second Shot at Crypto Glory

BTFD Coin is offering a chance to relive the glory days of meme coin investing,…

3 hours ago

Decoding BDAG’s AMA: A Blueprint for Scalable Blockchain and Enhanced Community Ties

Explore key takeaways from BlockDAG’s AMA, showcasing strides in scalability, growth of the ecosystem, and…

3 hours ago

Best Cryptos with 1000X Potential: Qubetics Revolutionises Blockchain as Polkadot and Cosmos Shape the Future

Discover why Qubetics, Polkadot, and Cosmos are the best cryptos with 1000X potential, offering innovation,…

7 hours ago

Best Coins to Buy in December 2024: Qubetics Offer 630% ROI, Polkadot Delivers on Interoperability and Near Protocol’s Scalability is Talk of the Town

Explore the best coins to buy in December 2024—Qubetics with its thrilling presale, Polkadot’s interoperability,…

13 hours ago

This website uses cookies.