Currencies32904
Market Cap$ 2.59T-7.90%
24h Spot Volume$ 49.43B+104%
DominanceBTC59.28%+0.90%ETH7.21%-6.68%
ETH Gas9.22 Gwei
Cryptorank
MainNewsFBI reveals ...

FBI reveals North Korea used LinkedIn to steal $305 million from Japan’s DMM Bitcoin


Dec, 24, 2024
2 min read
by Oluwapelumi Adejumo
for CryptoSlate
FBI reveals North Korea used LinkedIn to steal $305 million from Japan’s DMM Bitcoin

The FBI, Japan’s National Police Agency, and the Department of Defense Cyber Crime Center have confirmed that North Korean-linked hackers orchestrated the May 2024 $305 million breach of the Japanese crypto exchange DMM Bitcoin.

A joint statement issued on Dec. 23 attributed the attack to TraderTraitor threat actors, also known as Jade Sleet, UNC4899, and Slow Pisces. These hackers often target their victims through sophisticated social engineering attacks designed to exploit human vulnerabilities.

Independent investigations had linked the breach to the notorious Lazarus Group, another North Korean hacking syndicate infamous for large-scale crypto heists.

Crypto investigator ZachXBT highlighted similarities between the laundering methods used in this attack and those tied to Lazarus, which previously masterminded the $600 million theft from Axie Infinity’s Ronin bridge.

A Chainalysis report revealed that North Korean-backed hackers have stolen over $1.3 billion in 47 incidents this year alone.

Understanding the DMM Bitcoin hack

According to the authorities’ statement, the DMM Bitcoin breach stemmed from a well-coordinated social engineering scheme targeting employees of Ginco, a Japanese crypto wallet software firm.

In March, a North Korean operative posing as a recruiter on LinkedIn contacted a Ginco employee. The attacker shared a malicious Python script disguised as a pre-employment test hosted on a GitHub page.

Unaware of the risk, the employee copied the script to their personal GitHub account, inadvertently granting the hacker access to sensitive session cookie data. This enabled the attacker to impersonate the compromised employee and infiltrate Ginco’s unencrypted communication system.

By late May, the threat actor used this foothold to manipulate a legitimate transaction request from a DMM Bitcoin employee, ultimately stealing 4,502.9 BTC, valued at $305 million.

What next?

The incident compounded challenges for DMM Bitcoin, which recently announced plans to cease operations by March 2025.

Since then, the exchange has halted withdrawals and spot trading activities, complicating users’ efforts to transfer their assets.

However, the company intends to move all funds, including Japanese Yen and cryptocurrencies, to SBI VC Trade, a subsidiary of Japan’s financial giant SBI Holdings.

The post FBI reveals North Korea used LinkedIn to steal $305 million from Japan’s DMM Bitcoin appeared first on CryptoSlate.

Read the article at CryptoSlate

Read More

Hackers Hammer Android and iPhone Users As Bank Account Attacks Surge 258% in One Year: Kaspersky

Hackers Hammer Android and iPhone Users As Bank Account Attacks Surge 258% in One Year: Kaspersky

The number of Android and iPhone users hit by bank malware is skyrocketing as crimina...
Apr, 06, 2025
2 min read
by The Daily Hodl
David Sacks says Meta’s open-source Llama 4 puts U.S. in the lead in AI race

David Sacks says Meta’s open-source Llama 4 puts U.S. in the lead in AI race

Meta’s launch of two artificial intelligence (AI) Llama 4 models has positioned the U...
Apr, 06, 2025
3 min read
by CryptoSlate
MainNewsFBI reveals ...

FBI reveals North Korea used LinkedIn to steal $305 million from Japan’s DMM Bitcoin


Dec, 24, 2024
2 min read
by Oluwapelumi Adejumo
for CryptoSlate
FBI reveals North Korea used LinkedIn to steal $305 million from Japan’s DMM Bitcoin

The FBI, Japan’s National Police Agency, and the Department of Defense Cyber Crime Center have confirmed that North Korean-linked hackers orchestrated the May 2024 $305 million breach of the Japanese crypto exchange DMM Bitcoin.

A joint statement issued on Dec. 23 attributed the attack to TraderTraitor threat actors, also known as Jade Sleet, UNC4899, and Slow Pisces. These hackers often target their victims through sophisticated social engineering attacks designed to exploit human vulnerabilities.

Independent investigations had linked the breach to the notorious Lazarus Group, another North Korean hacking syndicate infamous for large-scale crypto heists.

Crypto investigator ZachXBT highlighted similarities between the laundering methods used in this attack and those tied to Lazarus, which previously masterminded the $600 million theft from Axie Infinity’s Ronin bridge.

A Chainalysis report revealed that North Korean-backed hackers have stolen over $1.3 billion in 47 incidents this year alone.

Understanding the DMM Bitcoin hack

According to the authorities’ statement, the DMM Bitcoin breach stemmed from a well-coordinated social engineering scheme targeting employees of Ginco, a Japanese crypto wallet software firm.

In March, a North Korean operative posing as a recruiter on LinkedIn contacted a Ginco employee. The attacker shared a malicious Python script disguised as a pre-employment test hosted on a GitHub page.

Unaware of the risk, the employee copied the script to their personal GitHub account, inadvertently granting the hacker access to sensitive session cookie data. This enabled the attacker to impersonate the compromised employee and infiltrate Ginco’s unencrypted communication system.

By late May, the threat actor used this foothold to manipulate a legitimate transaction request from a DMM Bitcoin employee, ultimately stealing 4,502.9 BTC, valued at $305 million.

What next?

The incident compounded challenges for DMM Bitcoin, which recently announced plans to cease operations by March 2025.

Since then, the exchange has halted withdrawals and spot trading activities, complicating users’ efforts to transfer their assets.

However, the company intends to move all funds, including Japanese Yen and cryptocurrencies, to SBI VC Trade, a subsidiary of Japan’s financial giant SBI Holdings.

The post FBI reveals North Korea used LinkedIn to steal $305 million from Japan’s DMM Bitcoin appeared first on CryptoSlate.

Read the article at CryptoSlate

Read More

Hackers Hammer Android and iPhone Users As Bank Account Attacks Surge 258% in One Year: Kaspersky

Hackers Hammer Android and iPhone Users As Bank Account Attacks Surge 258% in One Year: Kaspersky

The number of Android and iPhone users hit by bank malware is skyrocketing as crimina...
Apr, 06, 2025
2 min read
by The Daily Hodl
David Sacks says Meta’s open-source Llama 4 puts U.S. in the lead in AI race

David Sacks says Meta’s open-source Llama 4 puts U.S. in the lead in AI race

Meta’s launch of two artificial intelligence (AI) Llama 4 models has positioned the U...
Apr, 06, 2025
3 min read
by CryptoSlate