
North Korean hackers are targeting crypto workers

Hackers believed to be associated with the North Korea-based cybercriminal group Lazarus have attempted yet another digital heist by targeting cryptocurrency firm deBridge Finance.

As reported by Bleeping Computer, deBridge operates as a “liquidity transfer protocol that allows decentralized transfer of data and assets” between multiple blockchain platforms.


That fact alone was reportedly reason enough for Lazarus to make the company its latest target. The breach was attempted by sending a phishing email to employees. If opened, the email's contents would infect the system with malware, allowing the attackers to obtain sensitive information from Windows-powered devices in the network.

It would also lay the groundwork for another round of malicious code to be activated at an advanced stage of the cyber attack.

Employees of deBridge Finance received an email last week from the hackers, who posed as the firm’s co-founder, Alex Smirnov. The email contained bogus details about “new salary adjustments” in an HTML file.

That file was masked as a PDF and was accompanied by a Windows shortcut file (.LNK) that tried to lure victims in by posing as a password text file.

Once the doctored PDF file is opened, a cloud storage location is launched, prompting the user to refer back to the fake text file for a password. From here, the LNK file invokes the Command Prompt with a command that retrieves and loads a payload that is stored remotely.
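As an added example (not code from deBridge or the original report), here is a mail-gateway style check for the two lures described above: a file whose name claims to be a PDF but whose content is not, and a Windows shortcut behind a document-looking name. The attachment names and bytes are constructed, since the article does not give the real ones.

```python
# Shell Link (.LNK) header: HeaderSize 0x4C followed by the fixed LinkCLSID
# 00021401-0000-0000-C000-000000000046 (little-endian field layout).
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000c000000000000046")
DOC_EXTS = {"pdf", "txt", "doc", "docx", "xls", "xlsx"}


def sniff(data: bytes) -> str:
    """Classify content by its leading bytes, ignoring the file name."""
    if data.startswith(LNK_MAGIC):
        return "lnk"
    if data.startswith(b"%PDF-"):
        return "pdf"
    # Skip a UTF-8 BOM and leading whitespace before looking for markup.
    head = data[:512].lstrip(b"\xef\xbb\xbf \t\r\n").lower()
    if head.startswith((b"<!doctype html", b"<html")):
        return "html"
    return "unknown"


def review_attachment(name: str, data: bytes) -> list[str]:
    """Return the reasons an attachment should be quarantined (empty = none)."""
    exts = name.lower().split(".")[1:]
    kind = sniff(data)
    findings = []
    # Explorer never shows the .lnk extension, so "x.txt.lnk" displays as "x.txt".
    if kind == "lnk" or (exts and exts[-1] == "lnk"):
        findings.append("shortcut")
    # A document extension followed by another extension is a masquerade pattern.
    if len(exts) > 1 and any(e in DOC_EXTS for e in exts[:-1]):
        findings.append("double-extension")
    # The name advertises a PDF but the bytes are something else.
    if "pdf" in exts and kind != "pdf":
        findings.append("not-a-pdf")
    return findings


# Constructed samples (names and contents are illustrative, not from the incident).
SAMPLES = {
    "Salary Adjustments.pdf.html": b"\r\n<!DOCTYPE html><html><body></body></html>",
    "Password.txt.lnk": LNK_MAGIC + b"\x00" * 60,
    "Q2 report.pdf": b"%PDF-1.7\n",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name!r}: {review_attachment(name, data) or 'clean'}")
```
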

With the malware now on the system, the hackers could obtain relevant information about the target system such as the username, operating system, CPU, network adapters, and running processes.

Although the majority of employees who saw the email reported it as suspicious, one individual was unaware of the misleading nature of the contents. Once that employee downloaded and opened the fake document, Smirnov said he was able to examine the attack itself.

North Korean hackers from the Lazarus group are suspected to be behind this particular incident due to the similarity in file names and infrastructure discovered in an earlier attack.

The Lazarus group has certainly been active as of late. It recently tried to trick crypto experts with a similar email campaign by posing as cryptocurrency exchange Coinbase. Elsewhere, the hackers were linked to a huge $617 million crypto heist earlier this year.
