The co-founder of the DeFi protocol reported a cyberattack by North Korea
The attackers tried to trick the team into opening a PDF file called "New Salary Adjustment" by pretending that it was sent from an email address belonging to the co-founder of the project. As a result, one of the employees downloaded and opened a suspicious file.
The deBridge team then investigated the suspicious email. It turned out that to open the PDF file, you will need to enter a password. The downloaded archive also contained an LNK file disguised as a password file. After opening it, it executes the cmd command.an exe that infects the entire system. Files with the same names have been attributed to Lazarus Group in the past, so the deBridge team believes that North Korea is probably behind the attempted attack.
The $100 million hacking of Harmony, which occurred in November, was also attributed to Lazarus Group. Hackers from North Korea were also behind the $625 million Ronin hack. Earlier this week, it was reported that North Koreans were plagiarizing LinkedIn resumes in order to get remote work from cryptocurrency companies. In May, Jonathan Wu, head of development at Aztec Network, shared his own story about how a North Korean hacker tried to get a job at the company.
https://coin-signal.com/cryptonews/the-co-founder-of-the-defi-protocol-reported-a-cyberattack-by-north-korea/
#CoFounder, #Cryptonews, #Cyberattack, #Defi, #Fraud, #Hack, #Korea, #North, #PATTERN, #Protocol, #Reported
#CryptoNews, #HackFraud