The Article Tells The Story of:
- North Korean Hackers Target DMM: In May 2024, hackers linked to North Korea stole $305 million in bitcoin from Japan’s DMM exchange using social engineering tactics.
- Ginco Employee Exploited: The attack began with a malicious Python script sent via LinkedIn, giving hackers access to Ginco’s systems and eventually DMM’s transaction data.
- Crypto Crime Surge in 2024: North Korean groups are responsible for over $1.34 billion in stolen crypto across 47 incidents this year, more than double last year’s total.
- Rising Cyber Threats: The attack highlights the need for stronger security measures as cybercrime in the crypto industry continues to grow.
North Korean Hackers Strike Again
In May 2024, hackers linked to North Korea carried out a $305 million crypto theft from the Japanese exchange DMM. Law enforcement agencies from Japan and the U.S., including the FBI and Department of Defense, confirmed the attack. The group behind this breach, known as TraderTraitor, used advanced social engineering tactics to access the exchange’s systems.
The attack began with a targeted employee at Ginco, a crypto wallet company. A North Korean operative, posing as a recruiter on LinkedIn, tricked the employee with a malicious Python script. The employee unknowingly uploaded the code to their personal GitHub account, giving the hackers access to sensitive session cookies. This access eventually allowed them to infiltrate Ginco’s communication systems.
Check Out similar Article of How a $230M Bitcoin Theft Was Cracked by Blockchain Analysis June 2, 2024 – SquaredTech
How the Hack Happened
Once inside Ginco’s system, the hackers waited months for the perfect opportunity. Using the stolen access, they intercepted a legitimate transaction request from a DMM employee. This interception led to the theft of over 4,500 bitcoin, forcing DMM to shut down operations.
According to Chainalysis, North Korean hackers have dominated crypto-related crimes in 2024. The Democratic People’s Republic of Korea (DPRK) is responsible for stealing $1.34 billion across 47 incidents this year alone. This is more than double the $660 million stolen last year.
TraderTraitor, also called Jade Sleet, UNC4899, and Slow Pisces, uses clever tricks to fool targets. In this case, they turned a pre-employment test into a hacking tool. By embedding malicious code in a Python script, they gained access to vital systems. This approach shows how careful planning and trickery play a big role in cybercrimes.
Check Out similar Article of Two Miami Criminals Used Crypto Mixers and VPNs to Launder: $230M Bitcoin Theft September 25, 2024 – SquaredTech
The Bigger Picture
This attack highlights the growing threat of cyber theft in the crypto world. As hackers get smarter, companies must step up security to protect against future breaches. With North Korean groups leading the charge, 2024 has been a tough year for the industry. Organizations worldwide must remain vigilant to defend against these rising threats.
