North Korean cyber actors behind $308 million cryptocurrency heist say US and Japan Japan National Police Agency have Said that a North Korean Hacking Group Trader Traitor Stole Cryptocurrency Worth USD308 Million from Japan-Based Exchange DMM Bitcoin Earlier this Year in 2024
Tuesday, 24 Dec 2024 00:00 am

Batbricks7

The US Federal Bureau of Investigation (FBI) and Japan’s National Police Agency have said that a North Korean hacking group, TraderTraitor, stole cryptocurrency worth $308 million from Japan-based exchange DMM Bitcoin earlier this year in May.

TraderTraitor, known to be a part of Lazarus Group, targets multiple employees from the same organisation at the same time.

The infamous Lazarus Group is allegedly linked to Pyongyang authorities and has been accused of hacking into Sony Pictures for mocking North Korean leader Kim Jong Un in the film The Interview.

“The theft of cryptocurrency worth $308 million US dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors,” the FBI stated in a statement on Monday (Dec 23).

The North Korean cyber actors facilitated a “targeted social engineering” operation in which they pretended to be LinkedIn recruiters and contacted an employee at a Japan-based enterprise cryptocurrency wallet software company Ginco in late March.

They then sent a malicious code under the guise of a pre-employment test on a GitHub page, which allowed hackers to gain access to their system and impersonate the employee.

In late May, the hackers manipulated a legitimate transaction request by a DMM employee.

According to the FBI, the attack led to losses of 4,502.9 BTC, worth $308 million, which were transferred to TraderTraitor-controlled wallets.

“The FBI, National Police Agency of Japan, and other U.S. government and international partners will continue to expose and combat North Korea’s use of illicit activities including cybercrime and cryptocurrency theft to generate revenue for the regime,” the FBI added in its statement.

According to a 2020 US military report, North Korea’s cyber-warfare agency, Bureau 121, has over 6,000 members operating from several countries.

The program can be tracked back to at least the mid-1990s.