|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
5 月份,價值約 482 億日圓(約 3.06 億美元)的比特幣從 DMM Bitcoin 被非法挪用。
Around ¥48.2 billion JPY (approximately $306 million USD) in Bitcoin was unlawfully siphoned from DMM Bitcoin in May. The Tokyo entity is a cryptocurrency exchange that operates under the major IT firm DMM.com.
5 月份,約 482 億日圓(約 3.06 億美元)的比特幣從 DMM 比特幣中被非法挪用。東京實體是一家加密貨幣交易所,在大型 IT 公司 DMM.com 旗下營運。
On December 24, the National Police Agency (NPA) announced that the North Korean cyberattack group TraderTraitor was responsible for the attack. The investigation was carried out by the Metropolitan Police Department and NPA, in cooperation with the American Federal Bureau of Investigation (FBI).
12月24日,國家警察廳(NPA)宣布北韓網路攻擊組織TraderTraitor對此次攻擊負責。調查由倫敦警察廳和 NPA 與美國聯邦調查局 (FBI) 合作進行。
TraderTraitor’s Phishing Tactics
TraderTraitor 的網路釣魚策略
According to the NPA, attackers from TraderTraitor posed as recruiters on the business-focused social networking site LinkedIn in late March. They contacted an employee of Ginco (Tokyo), which manages the cryptocurrency wallet system for DMM Bitcoin.
據 NPA 稱,來自 TraderTraitor 的攻擊者於 3 月底在商業社交網站 LinkedIn 上冒充招募人員。他們聯繫了 Ginco(東京)的一名員工,該公司管理 DMM 比特幣的加密貨幣錢包系統。
The attackers sent messages with URLs, attempting to entice the employee to click the link. When clicked, the link infected the employee’s computer with a virus.
攻擊者發送帶有 URL 的訊息,試圖誘使員工點擊該連結。點擊後,該連結使該員工的電腦感染了病毒。
After mid-May, the attackers used the employee’s credentials to gain unauthorized access to the Ginco system. They were able to modify the system, altering both the amounts and destinations of cryptocurrency transfers, which resulted in the theft.
5 月中旬之後,攻擊者利用該員工的憑證獲得了對 Ginco 系統的未經授權的存取。他們能夠修改系統,改變加密貨幣傳輸的金額和目的地,導致竊盜。
Investigating the Theft
調查竊盜案
The stolen funds were eventually transferred to digital wallets controlled by TraderTraitor. Investigations confirmed that the accounts used to contact the employee and the connections for the malicious program were both managed by TraderTraitor.
被盜資金最終被轉移到 TraderTraitor 控制的數位錢包。調查證實,用於聯繫該員工的帳戶和惡意程式的連結均由 TraderTraitor 管理。
In response, the NPA, together with the National Center of Incident Readiness and Strategy for Cybersecurity, issued a public attribution statement directly naming North Korea and TraderTraitor and condemning both entities. The NPA also issued a warning, highlighting the rise in cryptocurrency thefts attributed to North Korea.
作為回應,NPA 與國家事件準備和網路安全戰略中心一起發布了一份公開歸因聲明,直接點名北韓和 TraderTraitor 並譴責這兩個實體。 NPA 也發出警告,強調北韓造成的加密貨幣竊盜案增加。
Following the breach, DMM Bitcoin raised ¥55 billion with support from group companies to guarantee the full amount of the stolen funds to users. However, the company announced its closure on December 2 due to continuing restrictions on services.
事件發生後,DMM Bitcoin 在集團公司的支持下籌集了 550 億日元,以確保向用戶全額返還被盜資金。然而,由於服務持續受到限制,該公司於 12 月 2 日宣布關閉。
Naming the Culprits
指認罪魁禍首
Public attribution is an effort to publicly name countries or organizations suspected of involvement in cyberattacks. It aims to prevent further damage and deter future attacks. The United States was the first to carry out public attribution in 2014. Japan has done so previously in cases involving China and North Korea. This case was Japan’s eighth instance.
公開歸因是公開指名涉嫌參與網路攻擊的國家或組織的努力。其目的是防止進一步的損害並阻止未來的攻擊。美國於2014年率先進行了公開歸因。這是日本的第八起案件。
免責聲明:info@kdj.com
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.
-
- MicroStrategy 安排股東會議批准股票發行策略的變更,為額外的比特幣收購提供資金
- 2024-12-25 08:50:04
- 該公司已於 12 月完成了三輪 BTC 購買。