bitcoin
bitcoin

$98951.784612 USD

1.33%

ethereum
ethereum

$3479.257786 USD

0.68%

tether
tether

$0.998976 USD

-0.06%

xrp
xrp

$2.306370 USD

0.04%

bnb
bnb

$704.140085 USD

1.75%

solana
solana

$199.302093 USD

2.15%

dogecoin
dogecoin

$0.332816 USD

0.22%

usd-coin
usd-coin

$0.999942 USD

-0.02%

cardano
cardano

$0.916250 USD

-1.07%

tron
tron

$0.257828 USD

0.67%

avalanche
avalanche

$40.588996 USD

-0.71%

chainlink
chainlink

$24.697681 USD

-1.44%

toncoin
toncoin

$5.977735 USD

4.32%

shiba-inu
shiba-inu

$0.000023 USD

0.19%

sui
sui

$4.576109 USD

-0.68%

加密货币新闻

日本和 FBI 将朝鲜列为从 DMM 窃取比特币的一方,这是朝鲜迄今为止盗窃加密货币的摘要

2024/12/25 12:03

2024 年 12 月 24 日,国家警察厅、联邦调查局等宣布,他们已确定约 48

日本和 FBI 将朝鲜列为从 DMM 窃取比特币的一方,这是朝鲜迄今为止盗窃加密货币的摘要

On December 24, 2024, the National Police Agency, the Tokyo Metropolitan Police Department, the FBI, and others announced that TraderTraitor, a division of the North Korean government-affiliated cyber attack group Lazarus Group, was involved in the recent Bitcoin leak. It all started in March 2024, when TraderTraitor impersonated a recruiter on LinkedIn and contacted an employee of Ginco, who had been entrusted with managing DMM Bitcoin wallets. TraderTraitor sent the employee a URL to a malicious Python script disguised as a recruitment test and had the employee copy the code onto his own GitHub page. Starting in May 2024, TraderTraitor misused session cookie information that controls access permissions, impersonating the relevant employees and illegally accessing Ginco's communications system. It then used this access to tamper with legitimate cryptocurrency transaction requests made by DMM Bitcoin employees and stole bitcoins. It then transferred the stolen bitcoins to a wallet managed by TraderTraitor.

2024 年 12 月 24 日,国家警察厅、东京警察厅、联邦调查局等机构宣布,朝鲜政府附属网络攻击组织 Lazarus Group 的一个部门 TraderTraitor 参与了最近的比特币泄露事件。这一切都始于 2024 年 3 月,当时 TraderTraitor 在 LinkedIn 上冒充一名招聘人员,联系了 Ginco 的一名员工,该员工曾被委托管理 DMM 比特币钱包。 TraderTraitor 向该员工发送了一个伪装成招聘测试的恶意 Python 脚本的 URL,并让该员工将代码复制到他自己的 GitHub 页面上。从2024年5月开始,TraderTraitor滥用控制访问权限的会话cookie信息,冒充相关员工非法访问Ginco的通信系统。然后,它利用此访问权限篡改 DMM Bitcoin 员工提出的合法加密货币交易请求并窃取比特币。然后,它将被盗的比特币转移到 TraderTraitor 管理的钱包中。

This incident began on May 31, 2024, when the unauthorized leakage of Bitcoin was detected from a DMM Bitcoin wallet. The total amount of Bitcoin confirmed to have been illegally leaked was 4,502.9 BTC (equivalent to approximately 48.2 billion yen), and on June 5, 2024, DMM revealed plans to raise approximately 55 billion yen to fully cover the amount of the illegally leaked Bitcoin. In August 2024, DMM Group Chairman Keiji Kameyama stated , 'We apologize for the great inconvenience caused to Bitcoin users,' and 'We will continue to disclose any information on the cause, etc. as soon as it becomes available.' 'DMM Bitcoin' announces that it will raise approximately 55 billion yen to guarantee the full amount of illegally leaked bitcoins - GIGAZINE

该事件始于 2024 年 5 月 31 日,当时从 DMM 比特币钱包中检测到未经授权的比特币泄漏。确认非法泄露的比特币总额为4,502.9 BTC(约合482亿日元),2024年6月5日,DMM透露计划筹集约550亿日元,以完全覆盖非法泄露的比特币金额。 2024 年 8 月,DMM 集团董事长龟山敬二表示,“对于给比特币用户造成的巨大不便,我们深表歉意”,并且“我们将在获得有关原因等的任何信息后立即披露”。 “DMM Bitcoin”宣布将筹集约550亿日元,以保证非法泄露的比特币全额 - GIGAZINE

Subsequently, on September 26, 2024, the Kanto Regional Financial Bureau issued an administrative disposition to DMM Bitcoin, including an order to improve its business practices, pursuant to Article 63-16 of the Payment Services Act . This administrative disposition required DMM Bitcoin to analyze and clarify the specific facts and root causes of the unauthorized leakage of Bitcoin, respond to customers, and strengthen its system risk management system. Since the unauthorized leak occurred, DMM Bitcoin has been restricting its services, such as screening new account openings, suspending virtual currency withdrawal processing, and suspending spot trading buy orders, but has announced that it will transfer customer accounts and assets under custody to SBI VC Trade on December 1, 2024. DMM Bitcoin also reported that it plans to discontinue its business after the transfer is completed around March 2025. [IMPORTANT] Basic agreement regarding the transfer of accounts and assets held by SBI VC Trade - DMM Bitcoin (2024/12/02) https://bitcoin.dmm.com/news/20241202_01

随后,关东地区金融局于 2024 年 9 月 26 日根据《支付服务法》第 63-16 条对 DMM Bitcoin 发布了行政处分,其中包括责令改善其商业行为。此次行政处理要求DMM Bitcoin分析并澄清比特币未经授权泄露的具体事实和根本原因,回应客户,并强化系统风险管理体系。自发生未经授权的泄密事件以来,DMM Bitcoin一直在限制其服务,例如筛选新开户、暂停虚拟货币提款处理、暂停现货交易买单,但宣布将把客户账户和托管资产转移给SBI VC于2024年12月1日进行交易。DMM Bitcoin还报告称,计划在2025年3月左右完成转让后停止其业务。 [重要]关于SBI VC Trade持有的账户和资产转让的基本协议- DMM 比特币 (2024/12/02) https://bitcoin.dmm.com/news/20241202_01

After that, the American analysis company Chainalysis published the results of its investigation that the unauthorized access to DMM Bitcoin was linked to a North Korean cyber attack group. When Chainalysis traced the stolen cryptocurrency, it was revealed that the group had been laundering the money by using a service called ' Mixer ' that anonymizes transaction history and then funneling it to the Cambodian online marketplace 'Huione Guarantee.' The theft of virtual currencies through cyber attacks from North Korea has beensteadily increasing since 2017, and in December 2022, South Korea's intelligence agency, the National Intelligence Service, reported the results of an investigation stating that 'North Korean cyber attack groups stole 8,000 billion won (approximately 86 billion yen) of virtual currencies and other assets in 2022 alone, totaling 1.5 trillion won (approximately 162 billion yen) over the five years from 2017.' In North Korea, the income generated by theft of virtual currencies is one of the main sources of income for the regime , and it has been pointed out that the stolen virtual currencies are being used for the development of ballistic missiles and weapons of mass destruction. The terrifying reality that North Korea is funding its weapons development program through cyber-attacks and cryptocurrency heists - GIGAZINE

此后,美国分析公司Chainaanalysis公布调查结果称,未经授权访问DMM比特币与朝鲜网络攻击组织有关。当 Chainaanalysis 追踪被盗的加密货币时,发现该组织一直在使用名为“Mixer”的服务来洗钱,该服务可以匿名化交易历史,然后将其转移到柬埔寨在线市场“Huioneguarantee”。自2017年以来,通过朝鲜网络攻击窃取虚拟货币的事件不断增加,2022年12月,韩国情报机构国家情报院公布的调查结果称,“朝鲜网络攻击组织窃取了8万亿韩元”仅2022年一年,虚拟货币和其他资产(约860亿日元)总计达1.5万亿韩元(约1620亿日元)从 2017 年起的五年里。”在朝鲜,盗窃虚拟货币所产生的收入是该政权的主要收入来源之一,并且有人指出,被盗的虚拟货币正被用于开发弹道导弹和大规模杀伤性武器。朝鲜通过网络攻击和加密货币抢劫为其武器开发计划提供资金的可怕现实 - GIGAZINE

Additionally, cryptocurrency trading platform Hyperliquid reported on December 23, 2024 that addresses and signs of activity used by North Korean hackers to test potential security bugs had been found.

此外,加密货币交易平台 Hyperliquid 于 2024 年 12 月 23 日报告称,已发现朝鲜黑客用于测试潜在安全漏洞的地址和活动迹象。

DPRK's trading career is...uh....going....???? tbh if i was the dude Hyperliquid's 4 validators (or those fucking ghetto ass binaries on gh) I would be shitting my pants right now. Hyperliquid dudes dont seem worried at all though so im sure its fine. ???? pic.twitter.com/JrrU7t1sJe

朝鲜的贸易生涯正在……呃……进行……???说实话,如果我是 Hyperliquid 的 4 个验证者(或者 gh 上那些该死的贫民区二进制文件),我现在就会拉裤子了。高流动性的家伙似乎一点也不担心,所以我确信它没问题。 ???? pic.twitter.com/JrrU7t1sJe

Security expert Taylor Monahan said, 'We found no signs of funds being leaked or misused

安全专家泰勒·莫纳汉表示:“我们没有发现资金被泄露或滥用的迹象

新闻来源:gigazine.net

免责声明:info@kdj.com

The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!

If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.

2024年12月26日 发表的其他文章