Metacurity

Share this post

North Korea's Lazarus Group Targeted DeBridge Finance in Likely Widespread Phishing Campaign

metacurity.substack.com

North Korea's Lazarus Group Targeted DeBridge Finance in Likely Widespread Phishing Campaign

Likely ransomware attack on MSP disrupts UK's NHS 111 service, Twitter confirms zero day data breach, Slack exposed scrambled versions of user passwords, Twilio user creds exposed in breach, more

Cynthia Brumfield
Aug 8, 2022
∙ Paid
1
Share
Share this post

North Korea's Lazarus Group Targeted DeBridge Finance in Likely Widespread Phishing Campaign

metacurity.substack.com

white concrete building under blue sky during daytime
Photo by Steve Barker on Unsplash

In a thwarted phishing campaign designed to install malicious files, North Korea’s Lazarus hacking group targeted DeBridge Finance, which provides a cross-chain interoperability and liquidity protocol for transferring data and assets between blockchains.

One DeBridge employee downloaded and opened the file, which prompted an investigation of its origin, how the hackers intended the attack to work, and potential consequences. Alex Smirnov, co-founder and project lead at DeBridge Finance, explained in a Twitter thread. Smirnov offered details on his company’s near-miss as a “PSA for all teams in Web3, this campaign is likely widespread.”

The Lazarus Group has allegedly been behind several high-profile crypto hacks, including the $622 million Axie Infinity. The State Department recently offered a $5 million reward for information on North Korean-linked cyberattacks on cryptocurrency exchanges that the country uses to fill its coffers, given the economic san…

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing