FBI, Japan expose North Korea’s $305M DMM exchange hack details

The FBI said that the attack was linked to the North Korea-affiliated group TraderTraitor, which specializes in social engineering tactics.

The US Federal Bureau of Investigation and other law enforcement agencies have revealed how malicious actors stole over $300 million from the Japanese crypto exchange DMM in May. 

On Dec. 23, the FBI, the Department of Defense Cyber Crime Center (DC3) and the National Police Agency of Japan (NPA) published a rundown of the hack that led to the loss of 4,502.9 Bitcoin (BTC), worth about $305 million at the time of the hack.

According to the FBI, the theft is linked to threat activities by North Korea-affiliated group TraderTraitor, which uses tactics including targeted social engineering directed at company employees. 


North Korean hackers pretended to be a recruiter

The FBI said a North Korean threat actor masqueraded as a recruiter on LinkedIn in March. The hacker contacted an employee at the Japan-based crypto wallet company Ginco. The agency said that the threat actor sent a malicious link to the employee, who had access to Ginco’s wallet management system. 

The employee, assuming the link was a pre-employment test on a GitHub page, copied the code to their personal GitHub and was compromised. 

The FBI said that in May, hackers affiliated with the TraderTraitor group exploited the information they had gained to impersonate the employee, gaining access to Ginco’s communications system. 

The agency said the hackers “likely used this access to manipulate a legitimate transaction request by a DMM employee.” As a result, more than $300 million in Bitcoin was lost during the attack. According to the FBI, the funds were moved to wallets controlled by the TraderTraitor group.

The FBI said that along with the NPA and other US and international partners, it will continue to work to expose North Korea’s use of illicit activities to generate revenue for its regime. 


Crypto thieves steal $2.2 billion in 2024

The DMM hack was one of the biggest exploits of 2024, but it was only one of many. On Dec. 19, Chainalysis said there were 303 security incidents in 2024, which led to losses of up to $2.2 billion.

Web3 cybersecurity firm Cyvers told Cointelegraph that the centralized finance (CeFi) sector was hit hard, with a 1,000% year-over-year increase in such incidents. 
