North Korean hackers likely behind DMM Bitcoin’s $307m attack

Japanese police revealed Tuesday that hackers affiliated with the North Korean regime are likely behind the $307 million attack on crypto exchange DMM Bitcoin.

North Korean hackers are said to be behind a multimillion-dollar attack on a crypto exchange, which cost the platform over $300 million in stolen crypto.

In a Dec. 23 press release, the Federal Bureau of Investigation alongside Japan’s National Police Agency revealed that the hack, which occurred in May, is linked to North Korean cyber actors and is associated with the threat group known as TraderTraitor, also referred to as Jade Sleet, UNC4899, and Slow Pisces.

According to authorities, the cyber attack began when a North Korean hacker, pretending to be a recruiter on LinkedIn, contacted an employee at Ginco, a Japanese company that provides crypto wallet software. The hacker tricked the employee into downloading a malicious Python script, which was disguised as part of a pre-employment test. The employee unknowingly uploaded the script to their personal GitHub page, allowing the attacker to gain access to sensitive company systems.

By mid-May, the attackers used stolen session cookies to impersonate the compromised employee and infiltrated Ginco’s unencrypted communications system, which led to the manipulation of a legitimate transaction request from DMM Bitcoin. Eventually, this scheme allowed the hackers to steal 4,502.9 BTC, equivalent to $307 million at the time. The stolen cryptocurrency was later transferred to wallets controlled by the TraderTraitor group, the FBI said.

As crypto.news reported earlier, the United States and South Korea have teamed up to create new mechanisms to prevent crypto thefts linked to North Korea. The two countries have reportedly signed an agreement to jointly create technologies to stop crypto thefts. While details remain unclear, South Korea’s science ministry will also support the initiative through 2026.
