The victim of an email-based cyberattack, cross-chain protocol deBridge Finance says its investigation shows the action likely came from the North Korea-associated Lazarus Group.
The attack took the form of an email address spoofing that of deBridge co-founder Alex Smirnov. Though most employees reported the suspicious email, one downloaded and opened the associated file.
The company's probe of the hack shows a similar attack vector to those noticed in other cyberattacks by North Korea's Lazarus Group, said Smirnov in a lengthy Twitter thread.
"PSA for all teams in Web3," wrote Smirnov, "this campaign is likely widespread."
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.