The FBI has unveiled details of a $305M Bitcoin heist by North Korea-affiliated hackers using social engineering techniques.
The Federal Bureau of Investigation and other law enforcement agencies revealed how malicious actors stole over $300 million from the Japanese crypto exchange DMM in May.
On Dec. 23, the FBI, the Department of Defense Cyber Crime Center (DC3) and the National Police Agency of Japan (NPA) published a rundown of the hack that led to the loss of 4,502.9 Bitcoin (BTC), worth around $305 million at the time of the hack.
According to the FBI, the theft is linked to threat activities by North Korea-affiliated group TraderTraitor, which uses tactics such as targeted social engineering directed at company employees.
North Korean hackers pretended to be a recruiter
The FBI said a North Korean actor masqueraded as a recruiter on LinkedIn in March. The hacker contacted an employee at the Japan-based crypto wallet company Ginco. The agency said that the threat actor sent a malicious link to the employee, who had access to Ginco’s wallet management system.
The employee believed the link was a pre-employment test on a GitHub page. Because of this, the victim copied the code to their personal GitHub and was compromised.
The FBI added that in the middle of May, hackers affiliated with the TraderTraitor group exploited the information they gained to impersonate the employee. They were able to gain access to Ginco’s communications system.
The agency said the hackers “likely used this access to manipulate a legitimate transaction request by a DMM employee.” As a result, about $308 million in Bitcoin was lost during the attack. According to the FBI, the funds have already been moved to wallets controlled by the TraderTraitor group.
The FBI said that it, along with the NPA and other US and international partners, will continue working to expose North Korea’s use of illicit activities to generate revenue for its regime.
Crypto thieves steal $2.2 billion in 2024
DMM was one of the biggest exploits in 2024. However, it was just one of the many hacks and exploits this year. On Dec. 19, Chainalysis said there were 303 security incidents in 2024, which led to losses of up to $2.2 billion.
Web3 cybersecurity firm Cyvers told Cointelegraph that the centralized finance (CeFi) sector was hit hard, with a 1,000% year-over-year increase in incidents.
This article first appeared at Cointelegraph.com News