North Korean hackers linked to hack of 4,500 bitcoins from Japanese crypto exchange

North Korean hackers linked to the infamous Lazarus hacking group have been identified as being behind the theft of more than 4,500 bitcoins from Japanese cryptocurrency exchange DMM Bitcoin earlier this year.

The Federal Bureau of Investigation, in conjunction with the Department of Defense Cyber Crime Center and National Police Agency of Japan, has revealed that hackers who go by the name of TraderTraitor, an arm of Lazarus, successfully stole the equivalent of $308 million from GMM in May and have detailed how the North Korean hackers did so.

The investigation into the hack found that in late March 2024, a North Korean cyber actor pretending to be a recruiter on LinkedIn contacted an employee at Ginco, a Japanese enterprise cryptocurrency wallet software company. The threat actor sent the target, who maintained access to Ginco’s wallet management system, a URL linked to a malicious Python script under the guise of a pre-employment test located on a GitHub page. The victim copied the Python code to their personal GitHub page and was subsequently compromised.

With the access gained, the TraderTraitor hackers sat patiently, waiting until May to exploit their access. To steal the bitcoin, the actors exploited session cookie information to impersonate the compromised employee and successfully gained access to Ginco’s unencrypted communications system. With this access, it’s believed that the hackers then manipulated a legitimate transaction request from a DMM employee, resulting in the theft of 4,502.9 bitcoin.

The stolen bitcoin was subsequently transferred to TraderTraitor-controlled wallets, which ultimately lead back to the North Korean government.

“The FBI, National Police Agency of Japan and other U.S. government and international partners will continue to expose and combat North Korea’s use of illicit activities—including cybercrime and cryptocurrency theft—to generate revenue for the regime,” the FBI noted in a statement.

The involvement of both North Korea and an arm of Lazarus in the hack comes as no surprise, as the hack of DMM isn’t the first time Lazarus has targeted cryptocurrency exchanges and it won’t be the last.

In 2022, Lazarus was linked to the hack on the Ronin Network that led to the theft of $615 million in cryptocurrency, and more recently, in July, the group was linked to the theft of $234.9 million in cryptocurrency from India-based cryptocurrency exchange WazirX.

Image: SiliconANGLE/Ideogram

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU

Related Content

Russia’s finance minister reveals bitcoin is being used to conduct foreign trade

Grab Genuine Lifetime Windows 11 And Microsoft Office Keys At Unbeatable Prices Starting From $13

Tiny speaker promises virtual surround sound with novel audio trickery

Leave a Comment

Stay updated with Win99Update for the latest in tech, online earning, and digital trends. Explore practical tips and insights to thrive in the digital world.

Categories

Tech Trends

Science & Space

Finance Tips

Cryptocurrency

Online Earning

Health & Fitness

Quakes Links

About Us

Contact Us

Piracy Policy

Terms and Conditions

Contact Us

Phone: +91 9090909099

Email: info@example.com

© Win99update.com • All rights reserved