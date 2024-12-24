Japan, US blame North Koreans for crypto theft


A North Korean hacking group stole cryptocurrency worth over $300 million from the Japan-based exchange DMM Bitcoin, according to Japanese police and the United States' FBI.

The TraderTraitor group, believed to be part of Lazarus Group, which is allegedly linked to the Pyongyang authorities, carried out the heist, Japan's National Police Agency said yesterday.

Lazarus Group gained notoriety a decade ago when it was accused of hacking into Sony Pictures as revenge for "The Interview," a film that mocked North Korean leader Kim Jong Un.

The FBI detailed "the theft of cryptocurrency worth $308 million U.S. dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors" in a separate statement.

It described a "targeted social engineering" operation where a hacker pretended to be a recruiter on LinkedIn to contact an employee of a different crypto wallet software company.

They sent the employee what appeared to be a pre-employment test, which actually contained a malicious line of code.

That allowed the hacker to compromise their system and impersonate the employee, the FBI said.

"In late May 2024, the actors likely used this access to manipulate a legitimate transaction request by a DMM employee, resulting in the loss of 4,502.9 Bitcoin, worth $308 million at the time," it said.

North Korea's cyber-warfare program dates back to at least the mid-1990s.

It has since grown to a 6,000-strong cyber-warfare unit known as Bureau 121 that operates from several countries, according to a 2020 U.S. military report.

