bitcoin
bitcoin

$98556.245560 USD

4.66%

ethereum
ethereum

$3486.427225 USD

2.40%

tether
tether

$0.999285 USD

0.04%

xrp
xrp

$2.314860 USD

2.93%

bnb
bnb

$698.028454 USD

1.46%

solana
solana

$197.042392 USD

4.14%

dogecoin
dogecoin

$0.338023 USD

4.85%

usd-coin
usd-coin

$1.000046 USD

-0.01%

cardano
cardano

$0.936261 USD

2.19%

tron
tron

$0.255697 USD

1.50%

avalanche
avalanche

$41.068950 USD

6.16%

chainlink
chainlink

$25.148963 USD

3.88%

toncoin
toncoin

$5.893696 USD

5.51%

shiba-inu
shiba-inu

$0.000024 USD

6.66%

sui
sui

$4.599568 USD

-1.96%

Cryptocurrency News Articles

North Korean Hackers Stole $300 Million in Bitcoin From DMM Exchange, Police Say

Dec 24, 2024 at 04:40 pm

In May, approximately ¥48.2 billion JPY (approximately $306 million USD) worth of Bitcoin was unlawfully siphoned from DMM Bitcoin.

North Korean Hackers Stole $300 Million in Bitcoin From DMM Exchange, Police Say

Around ¥48.2 billion JPY (approximately $306 million USD) in Bitcoin was unlawfully siphoned from DMM Bitcoin in May. The Tokyo entity is a cryptocurrency exchange that operates under the major IT firm DMM.com.

On December 24, the National Police Agency (NPA) announced that the North Korean cyberattack group TraderTraitor was responsible for the attack. The investigation was carried out by the Metropolitan Police Department and NPA, in cooperation with the American Federal Bureau of Investigation (FBI).

TraderTraitor’s Phishing Tactics

According to the NPA, attackers from TraderTraitor posed as recruiters on the business-focused social networking site LinkedIn in late March. They contacted an employee of Ginco (Tokyo), which manages the cryptocurrency wallet system for DMM Bitcoin.

The attackers sent messages with URLs, attempting to entice the employee to click the link. When clicked, the link infected the employee’s computer with a virus.

After mid-May, the attackers used the employee’s credentials to gain unauthorized access to the Ginco system. They were able to modify the system, altering both the amounts and destinations of cryptocurrency transfers, which resulted in the theft.

Investigating the Theft

The stolen funds were eventually transferred to digital wallets controlled by TraderTraitor. Investigations confirmed that the accounts used to contact the employee and the connections for the malicious program were both managed by TraderTraitor.

In response, the NPA, together with the National Center of Incident Readiness and Strategy for Cybersecurity, issued a public attribution statement directly naming North Korea and TraderTraitor and condemning both entities. The NPA also issued a warning, highlighting the rise in cryptocurrency thefts attributed to North Korea.

Following the breach, DMM Bitcoin raised ¥55 billion with support from group companies to guarantee the full amount of the stolen funds to users. However, the company announced its closure on December 2 due to continuing restrictions on services.

Naming the Culprits

Public attribution is an effort to publicly name countries or organizations suspected of involvement in cyberattacks. It aims to prevent further damage and deter future attacks. The United States was the first to carry out public attribution in 2014. Japan has done so previously in cases involving China and North Korea. This case was Japan’s eighth instance.

News source:japan-forward.com

Disclaimer:info@kdj.com

The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!

If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.

Other articles published on Dec 25, 2024