- North Korean hackers behind $308M DMM Bitcoin theft using social engineering tactics.
- DMM attack linked to TraderTraitor group, compromising employee access for crypto theft.
- WazirX asset distribution to be decided by creditors, not influenced by DMM hack.
The Federal Bureau of Investigation (FBI), Department of Defense Cyber Crime Center (DC3), and Japan’s National Police Agency (NPA) say North Korean cyber actors are responsible for the $308 million Bitcoin heist from DMM.com. The theft happened in May 2024 and is connected to TraderTraitor threat activity. TraderTraitor is also known as Jade Sleet, UNC4899, and Slow Pisces.
This incident targeted the Japan-based crypto platform DMM.com. It highlights the growing threat of state-sponsored cybercrime that aims to steal digital assets.
The FBI’s investigation traced the cyberattack to advanced tactics used by North Korean hackers. The attack began in March 2024. A North Korean cyber actor posed as a recruiter and contacted an employee of Ginco, a Japan-based crypto wallet software company.
The attacker used LinkedIn to approach the employee and sent a link presented as a pre-employment test. The link led to a Python script hosted on GitHub. Once downloaded, it compromised the employee’s system.
Exploitation of Compromised Access
After getting into the employee’s system, the cyber actor exploited session cookie information. This let them impersonate the victim and gain further access to Ginco’s insecure communications system.
In May 2024, the attacker manipulated a legitimate transaction request from a DMM employee. This sent 4,502.9 BTC, worth $308 million, into hacker-controlled wallets. The FBI report says the stolen funds were moved to wallets controlled by the TraderTraitor group. This solidifies the connection between the cyber actor and the theft.
Community Reactions and the WazirX Debate
As the news of the DMM Bitcoin hack spread, some crypto community members began comparing it to other high-profile crypto thefts, such as the WazirX hack. Pushpendra Singh, founder of PushpendraTech and SmartViewAi, responded on X. He asked if the DMM hack could justify other incidents. Singh said it was important to focus on user withdrawals in such cases.
Nischal Shetty, WazirX Co-Founder, said creditors will be left to decide on the distribution of assets. This is especially true in cases like the WazirX hack. Nischal said if the majority votes in favor of a particular asset distribution scheme, the liquid assets could be disbursed according to the terms of that scheme.