Debridge Financeの共同創設者によると, アレックス・スミルノフ, 悪名高い北朝鮮のハッキング シンジケート Lazarus Group は、Debridge をサイバー攻撃の試みにさらしました。. Smirnov 氏は Web3 チームに、キャンペーンが広まっている可能性が高いと警告しています。.
コンテンツ
Lazarus Group Suspected of Attacking Debridge Finance Team Members With a Malicious Group Email
There’s been a great number of attacks against decentralized finance (定義) protocols like cross-chain bridges in 2022. While most of the hackers are unknown, it’s been suspected that the North Korean hacking collective Lazarus Group has been behind a number of defi exploits.
In mid-April 2022, 連邦捜査局 (FBI), アメリカ. 財務省, およびサイバーセキュリティおよびインフラストラクチャ セキュリティ エージェンシー (CISA) 言った Lazarus Group was a threat to the crypto industry and participants. A week after the FBI’s warning, アメリカ. Treasury Department’s Office of Foreign Asset Control (OFAC) 追加した three Ethereum-based addresses to the Specially Designated Nationals And Blocked Persons List (SDN).
OFAC alleged that the group of Ethereum addresses are maintained by members of the cybercrime syndicate Lazarus Group. さらに, OFAC connected the flagged ethereum addresses with the Ronin bridge exploit (the $620M Axie Infinity hack) to the group of North Korean hackers. 金曜日に, アレックス・スミルノフ, the co-founder of デブリッジファイナンス, alerted the crypto and Web3 community about Lazarus Group allegedly attempting to attack the project.
「[デブリッジファイナンス] has been the subject of an attempted cyberattack, apparently by the Lazarus group. PSA for all teams in Web3, this campaign is likely widespread,” Smirnov stressed in his tweet. “The attack vector was via email, with several of our team receiving a PDF file named “New Salary Adjustments” from an email address spoofing mine. We have strict internal security policies and continuously work on improving them as well as educating the team about possible attack vectors.” Smirnov continued, 追加:
Most of the team members immediately reported the suspicious email, but one colleague downloaded and opened the file. This made us investigate the attack vector to understand how exactly it was supposed to work and what the consequences would be.
Smirnov insisted that the attack would not infect macOS users but when Windows users open the password-protected pdf, they are asked to use the system password. “The attack vector is as follows: user opens [の] link from email -> downloads & opens archive -> tries to open PDF, but PDF asks for a password -> user opens password.txt.lnk and infects the whole system,” Smirnov つぶやいた.
Smirnov said that according to this Twitter thread the files contained in the attack against the Debridge Finance team were the same names and “attributed to Lazarus Group.” The Debridge Finance executive concluded:
Never open email attachments without verifying the sender’s full email address, and have an internal protocol for how your team shares attachments. Please stay SAFU and share this thread to let everyone know about potential attacks.
Lazarus Group and hackers, in general, have made a killing by targeting defi projects and the cryptocurrency industry. Members of the crypto industry are considered targets because a number of firms deal with finances, an assortment of assets, and investments.
What do you think about Alex Smirnov’s account of the alleged Lazarus group email attack? 以下のコメントセクションで、このテーマについてのあなたの考えを教えてください.
画像クレジット: シャッターストック, Pixabay, ウィキ・コモンズ
免責事項: この記事は情報提供のみを目的としています. 売買の申し出の直接的な申し出または勧誘ではありません, または製品の推奨または保証, サービス, または企業. Bitcoin-Tidings.com 投資を提供しない, 税, 法的, または会計アドバイス. 会社も著者も責任を負いません, 直接的または間接的に, コンテンツの使用または依存によって、またはそれに関連して引き起こされた、または引き起こされたと主張されている損害または損失について, この記事で言及されている商品またはサービス.
読んだ 免責事項