Trying their luck, hackers from North Korea's Lazarus Group attempted to steal cryptocurrency from deBridge Finance, and for this they turned to a cross-chain protocol. For readers wondering what cross-chain means: a cross-chain protocol is a process that enables decentralized transfers between different types of blockchains. This kind of attack is not new. As technology develops and security systems improve, attackers also come up with new ways to attack.
These attackers have become sophisticated enough that, to carry out this incident, they used phishing emails so that the malware would be launched by the company's own staff. As a result, they first collected every type of important information from the company's system and only then allowed the malicious code to be delivered.
The North Korean threat actors chose a Thursday to carry out the attack and targeted the company's staff using an email from Alex Smirnov, co-founder of deBridge Finance. According to the information received, he was allegedly only sharing information about a salary change with his staff.
Through that same email from Mr. Smirnov, staff also got access to what was an HTML file called 'New Pay Adjustment'. The file that was actually there, however, was a Windows shortcut (.LNK) file that purported to be a PDF, and it opened just like a normal file, as a plain text file with the password.
But as soon as the company's staff clicked on the file to open it, a cloud storage location automatically opened in front of them, claiming to provide a password-protected archive containing PDFs. From this it is clear that this was the method by which the attackers used the company's staff to find out the password.
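
The lure described above depends on a Windows shortcut being displayed as if it were a document. As an added example (not part of the original article), this Python check flags attachments whose content is a Windows Shell Link while the displayed name looks like a document; the function names are hypothetical, and the file extensions and byte samples are constructed, not taken from the incident.

```python
import struct

# Shell Link (.LNK) header per MS-SHLLINK: HeaderSize 0x4C, then the LinkCLSID
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
DOC_EXTS = {"pdf", "txt", "doc", "docx", "xls", "xlsx", "html"}


def is_shell_link(data: bytes) -> bool:
    """True when the content starts with a valid Shell Link header."""
    if len(data) < 20:
        return False
    (size,) = struct.unpack_from("<I", data, 0)
    return size == LNK_HEADER_SIZE and data[4:20] == LNK_CLSID


def visible_extension(filename: str) -> str:
    """Extension the user sees: Explorer hides a trailing .lnk."""
    parts = filename.lower().split(".")
    if parts[-1] == "lnk":
        parts.pop()
    return parts[-1] if len(parts) > 1 else ""


def triage(filename: str, data: bytes) -> str:
    """Classify one attachment by comparing its name with its content."""
    shown = visible_extension(filename)
    if is_shell_link(data):
        # A shortcut whose displayed name looks like a document is the lure
        return "shortcut-masquerade" if shown in DOC_EXTS else "shortcut"
    if shown == "pdf" and not data.startswith(b"%PDF-"):
        return "content-mismatch"
    return "ok"


# Constructed samples (assumed names and bytes, not from the incident)
FAKE_LNK = struct.pack("<I", LNK_HEADER_SIZE) + LNK_CLSID + bytes(56)
REAL_PDF = b"%PDF-1.7\n%constructed sample\n"
SAMPLES = [
    ("New Pay Adjustment.pdf.lnk", FAKE_LNK),
    ("New Pay Adjustment.pdf", FAKE_LNK),
    ("New Pay Adjustment.pdf", REAL_PDF),
    ("Tools.lnk", FAKE_LNK),
]

if __name__ == "__main__":
    for name, blob in SAMPLES:
        print(f"{name:30} {triage(name, blob)}")
```

A mail gateway or endpoint rule built on the same comparison inspects the file content, so renaming the attachment does not change the verdict.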