North Korean hackers behind the
North Korean hackers behind the DMM Bitcoin exchange’s $305 million breach in May 2024 were identified as TraderTradeor, also known as Jade Sleet, UNC4899, and Slow Pisces. The attack involved social engineering tactics targeting employees of Ginco, a Japanese crypto wallet firm. A North Korean operative posing as a recruiter on LinkedIn initially gained access to sensitive data through a malicious Python script disguised as a pre-employment test hosted on GitHub.
This enabled the hacker to
This enabled the hacker to manipulate transactions and steal 4,502.9 BTC ($305 million) from DMM Bitcoin. As a result of the breach, DMM Bitcoin has halted withdrawals and spot trading activities while planning to move all funds, including Japanese Yen and cryptocurrencies, to SBI VC Trade by March 2025.
Source