CyberSecurity news
FlagThis
info@thehackernews.com (The Hacker News)@The Hacker News
//
The North Korean hacking group known as TraderTraitor, also identified as Jade Sleet, UNC4899, and Slow Pisces, has been linked to the theft of $308 million in cryptocurrency from the Japanese exchange DMM Bitcoin in May. This group, a cryptocurrency-focused element within North Korea's Reconnaissance General Bureau, primarily targets blockchain-related companies. Authorities, including the FBI, the Department of Defense Cyber Crime Center, and the National Police Agency of Japan, confirmed the group's involvement, highlighting TraderTraitor's use of targeted social engineering techniques to infiltrate their victims. The group's known methods also include supply chain attacks and malware deployment.
The FBI outlined the attack chain, which began in March when TraderTraitor members posed as recruiters and contacted an employee at a cryptocurrency wallet software company named Ginco. This led to the deployment of a malicious python script. By exploiting the compromised employee's access, the hackers manipulated a legitimate DMM transaction request, resulting in the theft of 4,502.9 Bitcoin, valued at $308 million at the time. The stolen funds were then moved to TraderTraitor-controlled wallets. This incident led DMM Bitcoin to restrict its services following the hack, until the completion of investigations.
ImgSrc: blogger.googleu
References :
The FBI outlined the attack chain, which began in March when TraderTraitor members posed as recruiters and contacted an employee at a cryptocurrency wallet software company named Ginco. This led to the deployment of a malicious python script. By exploiting the compromised employee's access, the hackers manipulated a legitimate DMM transaction request, resulting in the theft of 4,502.9 Bitcoin, valued at $308 million at the time. The stolen funds were then moved to TraderTraitor-controlled wallets. This incident led DMM Bitcoin to restrict its services following the hack, until the completion of investigations.
ImgSrc: blogger.googleu
Share:
References :
- The Hacker News: The Hacker News reports on North Korean hackers stealing $308M in Bitcoin from DMM Bitcoin.
- www.bleepingcomputer.com: The North Korean hacker group 'TraderTraitor' stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May.
- www.coindesk.com: US and Japanese law enforcement say North Korean hackers were responsible for stealing 4,502.9 bitcoin, worth $308M, from Japanese exchange DMM in May 2024 (Sheldon Reback/CoinDesk)
- BleepingComputer: The North Korean hacker group 'TraderTraitor' stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May.
- : FBI : This is not much of a cybersecurity advisory: The Federal Bureau of Investigation, Department of Defense Cyber Crime Center (DC3), and National Police Agency of Japan linked the theft of cryptocurrency worth $308 million U.S. dollars from the Japan-based cryptocurrency company DMM to North Korea's . They also confirmed different private industry threat actor names: , , and . TraderTraitor is a cryptocurrency-focused element within the Reconnaissance General Bureau (RGB), that primarily targets blockchain-related companies (and related vendors).
- COINOTAG NEWS: Coinotag reports about the 48.2 Billion Yen Bitcoin theft linked to North Korea.
- ciso2ciso.com: US and Japan Blame North Korea for $308m Crypto Heist
- www.techmeme.com: US and Japanese law enforcement say North Korean hackers were responsible for stealing 4,502.9 bitcoin, worth $308M, from Japanese exchange DMM in May 2024 (Sheldon Reback/CoinDesk)
- securityonline.info: North Korean Cyber Actors TraderTraitor Steal $308 Million in Cryptocurrency: DMM Breach Unveiled
- Techmeme: US and Japanese law enforcement say North Korean hackers were responsible for stealing 4,502.9 bitcoin, worth $308M, from Japanese exchange DMM in May 2024 (Sheldon Reback/CoinDesk)
- Techmeme: US and Japanese law enforcement say North Korean hackers were responsible for stealing 4,502.9 bitcoin, worth $308M, from Japanese exchange DMM in May 2024 (Sheldon Reback/CoinDesk)
- ciso2ciso.com: FBI Blames North Korea for $308M Cryptocurrency Hack as Losses Surge in 2024
- securityaffairs.com: DMM Bitcoin $308M Bitcoin heist linked to North Korea
- osint10x.com: North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin
- securityonline.info: North Korean Cyber Actors TraderTraitor Steal $308 Million in Cryptocurrency: DMM Breach Unveiled
- ciso2ciso.com: DMM Bitcoin $308M Bitcoin heist linked to North Korea – Source: securityaffairs.com
- www.scworld.com: Suspected Lazarus subgroup behind DMM crypto heist
- Cybernews: A gang of North Korean-affiliated threat actors stole $308 million worth of cryptocurrency from a Japanese crypto company.
- Bitcoin News: FBI Links North Korean Hackers to $308 Million DMM Exchange Breach
- therecord.media: The FBI blamed the theft of $300 million from Japanese crypto platform DMM on hackers from North Korea
Classification:
- HashTags: #CryptoHeist #NorthKoreanHackers #TraderTraitor
- Company: DMM Bitcoin
- Target: DMM Bitcoin
- Attacker: TraderTraitor
- Product: Bitcoin
- Feature: cryptocurrency theft
- Type: Hack
- Severity: Major