Japanese police revealed Tuesday that hackers affiliated with the North Korean regime are likely behind the $307 million attack on crypto exchange DMM Bitcoin.

North Korean hackers are said to be behind a multi-million attack on a crypto exchange, which cost the platform over $300 million worth of crypto in stolen funds.

In a Dec. 23 press release, the Federal Bureau of Investigation alongside Japan’s National Police Agency revealed that the hack, which occurred in May, is linked to North Korean cyber actors and is associated with the threat group known as TraderTraitor, also referred to as Jade Sleet, UNC4899, and Slow Pisces.

According to authorities, the cyber attack began when a North Korean hacker, pretending to be a recruiter on LinkedIn, contacted an employee at Ginco, a Japanese company that provides crypto wallet software. The hacker tricked the employee into downloading a malicious Python script, which was disguised as part of a pre-employment test. The employee unknowingly uploaded the script to their personal GitHub page, allowing the attacker to gain access to sensitive company systems.

By mid-May, the attackers used stolen session cookies to impersonate the compromised employee and infiltrated Ginco’s unencrypted communications system, leading to a manipulation of a legitimate transaction request from DMM Bitcoin. Eventually, this scheme allowed the hackers to steal 4,502.9 (BTC), equivalent to $307 million at the time. The stolen cryptocurrency was later transferred to wallets controlled by the TraderTraitor group, the FBI said.

As crypto.news reported earlier, the United States and South Korea have teamed up to create new mechanisms to prevent crypto thefts linked to North Korea. The two countries have reportedly signed an agreement to jointly create technologies to stop crypto thefts. While details remain unclear, South Korea’s science ministry will also support the initiative through 2026.

Read the full article here

Share.

Leave A Reply

Your road to financial

freedom starts here

With our platform as your starting point, you can confidently navigate the path to financial independence and embrace a brighter future.

Registered address:

First Floor, SVG Teachers Credit Union Uptown Building, Kingstown, St. Vincent and the Grenadines

CFDs are complex instruments and have a high risk of loss due to leverage and are not recommended for the general public. Before trading, consider your level of experience, relevant knowledge, and investment objectives and seek financial advice. Vittaverse does not accept clients from OFAC sanctioned jurisdictions. Also, read our legal documents and make sure you fully understand the risks involved before making any trading decision