North Korea's Lazarus Group Targeted DeBridge Finance in Likely Widespread Phishing Campaign
Likely ransomware attack on MSP disrupts UK's NHS 111 service, Twitter confirms zero day data breach, Slack exposed scrambled versions of user passwords, Twilio user creds exposed in breach, more
In a thwarted phishing campaign designed to install malicious files, North Korea’s Lazarus hacking group targeted DeBridge Finance, which provides a cross-chain interoperability and liquidity protocol for transferring data and assets between blockchains.
One DeBridge employee downloaded and opened the file, which prompted an investigation of its origin, how the hackers intended the attack to work, and potential consequences. Alex Smirnov, co-founder and project lead at DeBridge Finance, explained in a Twitter thread. Smirnov offered details on his company’s near-miss as a “PSA for all teams in Web3, this campaign is likely widespread.”
The Lazarus Group has allegedly been behind several high-profile crypto hacks, including the $622 million Axie Infinity. The State Department recently offered a $5 million reward for information on North Korean-linked cyberattacks on cryptocurrency exchanges that the country uses to fill its coffers, given the economic san…