December 25, 2024
11 11 11 AM
Latest Post
Coinbase CEO, Other Crypto Insiders Billions Richer After Seeking to Steer Elections 2025 Will Be the Year That AI Agents Transform Crypto ESG-Focused Blockchain Trrue Secures $10M Investment Commitment From GEM Digital North Korea Blamed for May’s $305M Hack on Japanese Crypto Exchange DMM SOL’s Evolving Throwback Pattern Makes It Enticing for Breakout Traders: Godbole Russia Imposes 6-Year Ban on Crypto Mining in 10 Regions, Citing Energy Use: Tass Record $14B Bitcoin Options Expiry Looms as Market Looks Highly Levered-Up Bitcoin Lull Could Spur Altcoin Rally, With $90K Considered ‘Attractive’ Buying Area The Protocol: Trump Makes More Pro-Crypto Appointments What the Key Metrics for Onchain Activity Say About SOL, ETH and Other Chains in 2025

North Korea Blamed for May’s $305M Hack on Japanese Crypto Exchange DMM

The $308 million hack of Japanese crypto exchange DMM in May was the work of North Korean hackers, the U.S. and Japanese law enforcement agencies said Monday.

The theft of 4,502.9 bitcoin (BTC), which is forcing the exchange to close, was “affiliated” with a group known as TraderTraitor, the FBI said in a statement with the Department of Defense Cyber Crime Center and National Police Agency of Japan.

Hackers linked to North Korea dominated crypto crime this year, Chainalysis said in its annual report on the subject. The country, whose official name is the Democratic People’s Republic of Korea (DPRK), is tied to more than half of the crypto value stolen in 2024. Its operatives are responsible for the theft of $1.34 billion across 47 incidents, more than double the $660 million (a figure revised down from an initial estimate) taken last year.

TraderTraitor, also known as Jade Sleet, UNC4899 and Slow Pisces, generally works by targeted social engineering, according to the statement. In this case, malicious code was inserted into a Python script used in a fictitious pre-employment test and sent by an operative posing as a recruiter on LinkedIn to a candidate who worked at an outside enterprise, crypto wallet company Ginco.

The victim copied the code to their personal Github page, giving TraderTraitor access to session cookie information that allowed it access to Ginco’s communications system. Months later, it probably used the access to intercept a legitimate transaction request by a DMM employee, leading to the theft, the agencies said.

This post was originally published on this site