A North Korean hacking group stole cryptocurrency worth over $300 million from the Japan-based exchange DMM Bitcoin, according to Japanese police and the United States’ FBI.
The TraderTraitor group — believed to be part of Lazarus Group, which is allegedly linked to the Pyongyang authorities — carried out the heist, Japan’s National Police Agency said Tuesday.
Lazarus Group gained notoriety a decade ago when it was accused of hacking into Sony Pictures as revenge for “The Interview,” a film that mocked North Korean leader Kim Jong Un.
The FBI detailed “the theft of cryptocurrency worth $308 million US dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors” in a separate statement dated Monday.
It described a “targeted social engineering” operation where a hacker pretended to be a recruiter on LinkedIn to contact an employee of a different crypto wallet software company.
They sent the employee what appeared to be a pre-employment test, which actually contained a malicious line of code.
That allowed the hacker to compromise their system and impersonate the employee, the FBI said.
“In late May 2024, the actors likely used this access to manipulate a legitimate transaction request by a DMM employee, resulting in the loss of 4,502.9 Bitcoin, worth $308 million at the time,” it said.
“The FBI, National Police Agency of Japan, and other US government and international partners will continue to expose and combat North Korea’s use of illicit activities — including cybercrime and cryptocurrency theft — to generate revenue for the regime,” it said.
North Korea’s cyber-warfare program dates back to at least the mid-1990s.
It has since grown to a 6,000-strong cyber-warfare unit known as Bureau 121 that operates from several countries, according to a 2020 US military report.
(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)
