Federal investigators have identified the North Korean hacker group known as “TraderTraitor” as the culprit behind the $308 million theft from the Japanese cryptocurrency exchange DMM Bitcoin back in May.
The Japanese job
Per a press release from the FBI, along with Japan’s National Police Agency and the Department of Defense Cyber Crime Center, the breach began in March when a hacker disguised as a recruiter sent a malicious link to an employee at Ginco, a partner company of DMM. This tactic allowed the hackers to gain access to sensitive systems.
Once inside, TraderTraitor impersonated the employee and intercepted legitimate transaction requests from DMM.
The result? 4,502.9 Bitcoin was stolen and quickly funneled into wallets controlled by the hacker group, which is believed to have ties to the North Korean government.
This heist is part of a larger trend of state-sponsored cybercrime aimed at funding North Korea’s activities.
Hackers never sleep?
This incident raises serious concerns about cybersecurity in the crypto industry, and law enforcement officials are emphasizing the need for better global cooperation to combat these types of threats.
The FBI has been tracking TraderTraitor since 2022, noting their increasing focus on blockchain-related attacks.
In August, PeckShield reported that wallets linked to these hackers moved around 850 BTC, worth over $54 million, to six different addresses in just one week.
Lotta breaches
As authorities continue their investigation, they’re urging everyone to be vigilant against suspicious messages and potential scams.
The DMM hack is just one of many incidents this year, in fact, Chainalysis reported that there were 303 security breaches in 2024 alone, resulting in losses totaling $2.2 billion across the crypto space.
