FBI Links North Korean Hackers to $308 Million DMM Exchange Breach
The FBI and other agencies linked a group of North Korean threat actors, known as ‘Tradertraitor,’ to May 2023’s $308 million hack of DMM, a Japanese exchange. The hackers used social engineering to access internal communications and perpetrate the attack.
FBI Unveils Korean Connection in DMM Multi-Million Hack
The Federal Bureau of Investigation (FBI), in a joint investigation with the Department of Defense Cyber Crime Center and the National Police Agency of Japan, has uncovered the involvement of a North Korean element in the May hack of DMM, a Japanese cryptocurrency exchange.
The hack, which left a negative balance of over 4,000 BTC in DMM wallets, valued at $308 million at the time, was the work of a North Korean hacker group called “Tradertraitor,” known for its peculiar approaches to these operations.
According to the FBI, an individual linked to this group contacted an employee at Ginco, a Japan-based enterprise cryptocurrency wallet provider, offering a new job position. As part of this proposal, the North Korean actor sent the victim an internet address for a pre-employment test. The victim copied this to his personal GitHub account, which compromised access to his system.
Using this access, the North Korean actors impersonated the compromised employee and manipulated a legitimate transaction requested by a DMM employee, redirecting the funds to Tradertraitor-controlled wallets.
The aftermath of this heist proved fatal for the exchange, which is currently being liquidated and is expected to be purchased by SBI VC Trade, an exchange of the SBI Group.
The FBI had profiled Tradertraitor’s modus operandi before, explaining its heavy use of social engineering to access targeted companies and organizations. In April, a joint alert explained that the group was targeting crypto-linked institutions, using messages directed to employees as a vector.
The advisory note stated:
The messages often mimic a recruitment effort and offer high-paying jobs to entice the recipients to download malware-laced cryptocurrency applications, which the U.S. government refers to as “TraderTraitor.”
North Korean hackers stole $1.4 billion this year, according to Chainalysis.