FBI, Japan expose $305 million hack from North Korea

The Federal Bureau of Investigation and other law enforcement agencies revealed how malicious actors stole more than $300 million from Japan's DMM cryptocurrency exchange in May.

On December 23, the FBI, the U.S. Department of Defense's Cyber Crime Center (DC3), and the National Police Agency of Japan (NPA) released a summary of the hack that resulted in the loss of 4,502.9 Bitcoin (BTC), worth about 305 million USD at the time.

According to the FBI, the theft is linked to the threatening activities of the TraderTraitor group, associated with North Korea, which frequently uses tactics such as targeted social engineering aimed at company employees.

FBI, An ninh, Tin tặc, An ninh mạng, Hacks

Source: FBI

North Korean hackers impersonate as employers

The FBI reported that an agent from North Korea impersonated an employer on LinkedIn in March. This hacker contacted an employee at the cryptocurrency wallet company Ginco in Japan. The agency stated that the threatening agent sent a malicious link to this employee, who had access to Ginco's wallet management system.

Employees believe the link is a test prior to recruitment on GitHub. Therefore, the victim copied this code to their personal GitHub and suffered a data breach.

The FBI added that in mid-May, hackers linked to the TraderTraitor group exploited the information they obtained to impersonate employees. They gained access to Ginco's communication system.

The agency stated that the hackers 'likely used this access to manipulate a legitimate transaction request from an employee of DMM.' As a result, about $308 million in Bitcoin was lost in the attack. According to the FBI, the funds were transferred to wallets controlled by the TraderTraitor group.

The FBI stated that its agency, along with the NPA and other U.S. and international partners, will continue to work to expose North Korea's use of illegal activities to generate revenue for its regime.

Cryptocurrency hackers stole $2.2 billion in 2024

DMM is one of the largest hacks of 2024. However, it is just one of many hacks and breaches this year. On December 19, Chainalysis reported 303 security incidents in 2024, resulting in losses of up to $2.2 billion.

Cybersecurity company Web3, Cyvers, told TinTucBitcoin that the centralized finance (CeFi) sector has been heavily impacted, with a 1,000% year-over-year increase in incidents.