The co-founder of DeFi protocol deBridge said they were hacked by North Korean hackers.
The hacker community Lazarus Group, known to be affiliated with the North Korean government, has this time targeted the DeFi protocol deBridge.
The hackers sent emails to the protocol’s employees from an address similar to the co-founder’s email address. Mail’s name was a PDF file called “New salary adjustment”.
One of the employees did not realize that the suspicious file was fake and downloaded it to his computer.
The deBridge team investigated the suspicious email and realized that a password must be used to open the PDF file. It contained a hidden LNK file inside the PDF file. This file executes a cmd.exe command that infects the system after opening.
Since such attack attempts have been made by the North Korea-linked Lazarus Group before, this attempt was also attributed to them.
Lazarus Group is the perpetrator of many attacks that have caused great wounds in the crypto industry. The hack group was behind the $ 625 million Ronin hack, along with the $ 100 million Harmony hack that took place last November.
According to Bloomberg’s report, North Korean hackers are sending resumes on LinkedIn to work remotely with crypto firms. Pointing to this danger, US authorities issued a warning to IT firms.