North Korea's Lazarus Hackers Blamed in deBridge Finance Cyberattack

The victim of an email-based cyberattack, cross-chain protocol deBridge Finance says its investigation shows the action likely came from the North Korea-associated Lazarus Group.

The attack took the form of an email address spoofing that of deBridge co-founder Alex Smirnov. Though most employees reported the suspicious email, one downloaded and opened the associated file.

The company's probe of the hack shows a similar attack vector to those noticed in other cyberattacks by North Korea's Lazarus Group, said Smirnov in a lengthy Twitter thread.

"PSA for all teams in Web3," wrote Smirnov, "this campaign is likely widespread."

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.