North Korea-Aligned Hacker Group Steals $305M from Japanese Cryptocurrency Platform
Malicious actors stole more than $300 million from the Japanese cryptocurrency exchange DMM in May, according to information released by the US Federal Bureau of Investigation and other law enforcement organizations. A summary of the incident that resulted in the loss of 4,502.9 Bitcoin, which was valued at around $305 million at the time of the theft, was released on December 23 by the FBI, the Department of Defense Cyber Crime Center (DC3), and the National Police Agency of Japan (NPA). The FBI claims that the theft is connected to threatening actions by the group TraderTraitor, which is aligned with North Korea and employs strategies including targeted social engineering against firm workers.
North Korean Hackers Exploit LinkedIn to Steal $300M in Bitcoin from Japanese Firms
According to the FBI, in March, a North Korean threat actor pretended to be a recruiter on LinkedIn. The hacker contacted a worker at Ginco, a cryptocurrency wallet startup based in Japan. According to the agency, the employee who got access to Ginco’s wallet management system received a malicious link from the threat actor. The employee copied the code to their personal GitHub account and was compromised, believing the link to be a pre-employment exam on a GitHub page.
According to the FBI, hackers connected to the TraderTraitor gang used the information they had obtained to pose as the worker and access Ginco’s communications system in May. The agency said the hackers most likely manipulated a valid transaction request made by a DMM employee using this access. Consequently, during the attack, almost $300 million worth of Bitcoin was lost.
According to the FBI, the money was transferred to wallets under the TraderTraiter group’s control. The FBI stated that it will keep working to uncover North Korea’s use of illegal operations to raise money for its government in collaboration with the NPA and other US and foreign partners.
For more up-to-date crypto news, you can follow Crypto Data Space.
Leave a comment