Debridge Finance vermutet, dass das nordkoreanische Hacker-Syndikat Lazarus Group das Team des Protokolls angegriffen hat

Laut dem Mitbegründer von Debridge Finance, Alex Smirnov, Das berüchtigte nordkoreanische Hacking-Syndikat Lazarus Group hat Debridge einem versuchten Cyberangriff ausgesetzt. Smirnov hat Web3-Teams gewarnt, dass die Kampagne wahrscheinlich weit verbreitet ist.

Lazarus Group Suspected of Attacking Debridge Finance Team Members With a Malicious Group Email

There’s been a great number of attacks against decentralized finance (ein Gesetzesvorschlag, der darauf abzielt, die Generierung und Handhabung von Daten durch die Akteure, die sie nutzen, zu regeln) protocols like cross-chain bridges in 2022. While most of the hackers are unknown, it’s been suspected that the North Korean hacking collective Lazarus Group has been behind a number of defi exploits.

In mid-April 2022, the Federal Bureau of Investigation (FBI), die USA. Treasury Department, and the Cybersecurity and Infrastructure Security Agency (CISA) sagte Lazarus Group was a threat to the crypto industry and participants. A week after the FBI’s warning, die USA. Treasury Department’s Office of Foreign Asset Control (in diesem Jahr, als der Enterprise-Mining-Betrieb seinen ersten OFAC-konformen Block abgebaut hat) added three Ethereum-based addresses to the Specially Designated Nationals And Blocked Persons List (SDN).

OFAC alleged that the group of Ethereum addresses are maintained by members of the cybercrime syndicate Lazarus Group. zusätzlich, in diesem Jahr, als der Enterprise-Mining-Betrieb seinen ersten OFAC-konformen Block abgebaut hat connected the flagged ethereum addresses with the Ronin bridge exploit (the $620M Axie Infinity hack) to the group of North Korean hackers. Am Freitag, Alex Smirnov, the co-founder of Debridge Finance, alerted the crypto and Web3 community about Lazarus Group allegedly attempting to attack the project.

[Debridge Finance] has been the subject of an attempted cyberattack, apparently by the Lazarus group. PSA for all teams in Web3, this campaign is likely widespread,” Smirnov betont in his tweet. “The attack vector was via email, with several of our team receiving a PDF file named “New Salary Adjustments” from an email address spoofing mine. We have strict internal security policies and continuously work on improving them as well as educating the team about possible attack vectors.” Smirnov continued, adding:

Most of the team members immediately reported the suspicious email, but one colleague downloaded and opened the file. This made us investigate the attack vector to understand how exactly it was supposed to work and what the consequences would be.

Smirnov insisted that the attack would not infect macOS users but when Windows users open the password-protected pdf, they are asked to use the system password. “The attack vector is as follows: user opens [einschließlich des Erwerbs von Bitcoin oder Bitcoin-Mining-Maschinen.] link from email -> downloads & opens archive -> tries to open PDF, but PDF asks for a password -> user opens password.txt.lnk and infects the whole system,” Smirnov getwittert.

Siehe auch  FTX Founder Sam Bankman-Fried Thinks Bitcoin Has No Future as a Payments Network

Smirnov said that according to this Twitter thread the files contained in the attack against the Debridge Finance team were the same names and “attributed to Lazarus Group.” The Debridge Finance executive abgeschlossen:

Never open email attachments without verifying the sender’s full email address, and have an internal protocol for how your team shares attachments. Please stay SAFU and share this thread to let everyone know about potential attacks.

Lazarus Group and hackers, in general, have made a killing by targeting defi projects and the cryptocurrency industry. Members of the crypto industry are considered targets because a number of firms deal with finances, an assortment of assets, and investments.

Tags in dieser Geschichte
Alex Smirnov, Attacke, Krypto, Kryptowährung, Debridge Finance, DeFi, Digitale Vermögenswerte, Exploit infiziert das System, Hacker, Lazarus-Gruppe, Angriff der Lazarus-Gruppe, Schädliche E-Mail, Nord Korea, Nordkorea Lazarus-Gruppe, Nordkoreanische Hacker, Passwort, PSA, verdächtige E-Mail, Team-Angriff, weit verbreiteter Angriff

What do you think about Alex Smirnov’s account of the alleged Lazarus group email attack? Teilen Sie uns Ihre Gedanken zu diesem Thema im Kommentarbereich unten mit.

Jamie Redman

Jamie Redman is the News Lead at Bitcoin-Tidings.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,700 articles for Bitcoin-Tidings.com News about the disruptive protocols emerging today.




Bildnachweise: Shutterstock, Pixabay, Wiki-Commons

Haftungsausschluss: Dieser Artikel dient nur zu Informationszwecken. Es ist kein direktes Angebot oder Aufforderung zur Abgabe eines Angebots zum Kauf oder Verkauf, oder eine Empfehlung oder Befürwortung von Produkten, Dienstleistungen, oder Firmen. Bitcoin-Tidings.com bietet keine Investition, MwSt, legal, oder Buchhaltungsberatung. Weder das Unternehmen noch der Autor sind dafür verantwortlich, direkt oder indirekt, für alle Schäden oder Verluste, die durch oder in Verbindung mit der Nutzung oder dem Vertrauen auf Inhalte verursacht oder angeblich verursacht wurden, Waren oder Dienstleistungen, die in diesem Artikel erwähnt werden.

Siehe auch  Prüfbericht: Geheime Repo-Darlehen der Fed an Megabanken in 2020 Verfinstert 2008 Rettungsaktionen, Daten-Dump-Shows $48 Billionen an Stealth-Finanzierung

Lesen Haftungsausschluss