North Korean hackers attack deBridge protocol

Alex Smirnov, co-owner of deBridge Finance, confirmed the fact that hackers attacked the cross-chain protocol. According to him, hackers from North Korea forged the email of one of the team leaders and sent infected emails to employees. For greater effectiveness, the fake email mentioned a file with salary adjustments. When they tried to open it, the devices were attacked.

Most of the employees noticed the suspicious file in time, but there was one employee who still did not realize it was an attack and opened the file. Smirnov believes that this allowed the deBridge network to be compromised. The malicious code collects information about the user, computer characteristics, running processes, etc. At the same time, the code does not work on macOS.

According to Smirnov, North Korean hackers from the Lazarus Group are involved in the case. They used similar methods during raids on other companies. Moreover, according to Smirnov, similar attacks are currently taking place on other Web3 companies. Therefore, the attack may be part of a larger cryptocurrency theft operation.