¥48.2 Billion Bitcoin Theft Linked to North Korean Hackers; Cyber Actor Masqueraded as Job Recruiter on LinkedIn Platform
15:50 JST, December 24, 2024
The North Korean hackers group TraderTraitor was involved in the May theft of bitcoins worth ¥48.2 billion from Japanese cryptocurrency exchange DMM Bitcoin, the National Police Agency and the U.S. Federal Bureau of Investigation announced Tuesday.
According to the announcement, a cyber actor masquerading as a headhunter approached an employee of DMM Bitcoin’s outsourcing partner and stole his access to the firm’s cryptocurrency transaction system.
TraderTraitor is believed to be part of the hacking outfit Lazarus, which belongs to North Korea’s Reconnaissance General Bureau. This is the first time that harm by the group was confirmed in Japan and the eighth time that the Japanese government has named the source of an attack, a practice called “public attribution.”
The Kanto Regional Police Bureau’s cybercrime special investigative team and the Metropolitan Police Department will continue to investigate the case on suspicion of violations of the Law on Prohibition of Unauthorized Computer Access.
According to the NPA, a member of TraderTraitor masqueraded as a corporate recruiter on the LinkedIn business-oriented social media site in late March. They contacted a employee of Ginco Inc., a Tokyo-based cryptocurrency wallet software firm that DMM Bitcoin had entrusted with managing its cryptocurrency trading.
The fraudulent recruiter allegedly told the employee, “We were impressed by your skills” and had him execute a program sent under the guise of a pre-employment test to check his skills. The employee was infected with a computer virus that compromised his privileges as a DMM Bitcoin employee.
TraderTraitor actors accessed Ginco’s cryptocurrency transaction system repeatedly from mid-May. They allegedly changed transaction amounts and remittance recipients in the system to steal ¥48.2 billion worth of bitcoins from DMM Bitcoin on May 31.
The stolen bitcoins were subsequently laundered, but some were eventually moved to a wallet that the FBI knew was controlled by TraderTraitor. In addition, the LinkedIn account used to contact the employee and the server connected to his device matched those acknowledged by U.S. authorities to have been linked to TraderTraitor.
The United Nations reported in March that North Korean cyberattacks on cryptocurrency-related companies between 2017 and 2023 were valued at $3 billion, which reportedly helped fund the country’s development of weapons of mass destruction.
The NPA, in conjunction with the National Center of Incident readiness and Strategy for Cybersecurity and the Financial Services Agency, released a joint document Tuesday to raise awareness. The document called for companies concerned to be aware of the hackers’ tactic of learning about their targets’ backgrounds and skills before making contact.
DMM Bitcoin announced this month that it would transfer its customers’ wallets to SBI Holdings Inc.’s cryptocurrency exchange unit from around next March and go out of business.
"Politics" POPULAR ARTICLE
-
Japan PM Ishiba Says Corporate, Group Donations ‘Not Inappropriate’; Interpellations Start at Lower House
-
Japan’s LDP Proposes Third-Party Panel to Monitor Use of Political Funds; Draft Does Not Mention Banning Corporate Donations
-
Japan to Support Its Companies Expanding into Africa; Creating Initiative to Act as Bridge with Local Start-ups
-
Tourists’ Consumption Tax Exemption To Take New Form; Refunds When Departing To Replace Waivers When Buying
-
Japan, Italy, U.K. Launch Body To Manage Next-Generation Jet Project; U.K.-Headquartered Body Has Japanese Chief Executive
JN ACCESS RANKING
- Japan’s Kansai Economic Delegation Meets China Vice Premier, Confirm Cooperation; China Called to Expand Domestic Demand
- Core Inflation in Tokyo Accelerates in November
- Yomiuri Stock Index to Launch in March; 333 Companies to be Equally Weighted
- Yomiuri 333 Stock Index Raises Investor Expectations in Japan; Equal Weighting To Provide New Perspective
- China to Test Mine for Rare Metals Off Japan Island; Japan Lagging in Technologies Needed for Extraction