
North Koreans Blamed for $300 Million DMM Bitcoin Hack
In a shocking revelation, North Korean cyber actors have been identified as the perpetrators of a massive $300 million hack on Japanese cryptocurrency company DMM Bitcoin. The FBI, the Department of Defense Cyber Crime Center (DC3), and Japan’s National Police Agency (NPA) collaborated to attribute the attack to the state-backed TraderTraitor group.
The hack, which occurred in late May 2024, involved a sophisticated phishing attack utilizing malicious Python scripts. The perpetrators exploited a recruitment process to deceive an employee at Ginco, a Japan-based enterprise cryptocurrency wallet software company. The employee’s compromised credentials allowed the attackers to gain unauthorized access to Ginco’s unencrypted communications system and eventually to manipulate a legitimate transaction request by a DMM employee, resulting in the theft of 4,502.9 BTC, valued at over $300 million at the time.
The TraderTraitor group, also known as Jade Sleet, UNC4899, and Slow Pisces, is notorious for targeted social engineering attacks aimed at multiple employees within the same organization. This incident highlights the persistent threat posed by North Korean cyber actors to the global financial system, particularly the cryptocurrency sector.
Authorities continue to investigate and implement measures to prevent such incidents, urging companies to enhance their cybersecurity protocols and employee training to defend against sophisticated phishing attacks.
Source: fullycrypto.com