- North Korean hacker group TraderTraitor behind $300M crypto heist from Japan’s DMM exchange in May 2024.
- Hackers used social engineering to compromise Ginco employee, leading to $305M Bitcoin theft linked to TraderTraitor.
- Crypto hacks surged in 2024, with 303 incidents causing $2.2B in losses, highlighting the rising risks to digital assets.
In May 2024, Japan’s DMM crypto exchange lost more than $300 million to a hack. The attack led to the loss of 4502.9 Bitcoin and equivalent to about $305 million. The details of the breach were made public on 23 December by the FBI, the Department of Defense Cyber Crime Center (DC3), and Japan’s National Police Agency (NPA). The stolen money was linked to a well-known North Korean hackers’ group called TraderTraitor.
Crypto Hackers Exploit Ginco’s System
The attack started with a social engineering attack that involved compromising an employee of Ginco – a Japanese crypto wallet service provider. In March, a hacker impersonating a recruiter reached out to the employee over LinkedIn. The attacker used a phishing link and disguised it as a pre-employment test on GitHub. Inadvertently, the employee clicked the link that led to the compromise of the GitHub account of the employee and gave the hacker control over Ginco’s wallet management system.
The hackers, however, used the information they got from the hack to launch their attack in May. They posed as the employee and hacked into Ginco’s communication network. They used this access to modify a legitimate transaction request coming from DMM and sent over 300 million dollars in Bitcoin to wallets of TraderTraitor.
Crypto Hacks Surge in 2024
The FBI said that the stolen funds were transferred to the cryptocurrency wallets belonging to the North Korean hacker group. The TraderTraitor group is suspected of using cybercrimes to raise money for the North Korean government. In cooperation with the international colleagues, the FBI has promised to keep fighting against these criminal activities. Their work is to reveal how North Korea is using cybercrime as a source of revenue.
This heist is one of the biggest crypto hacks of 2024, but it is not the only one of its kind. On December 19, blockchain analytics firm Chainalysis said that there were 303 incidents of security breach in 2024 which led to the loss of $2.2 billion. Such incidents paint the picture of the rising risks in the crypto space as more and more cybercriminals turn their attention to digital funds and platforms.
Cybersecurity firm Cyvers has revealed that the centralized finance (CeFi) industry has been one of the most impacted. This is a dramatic 1000% year-on-year increase in incidents which shows that many crypto platforms remain at risk. The crypto industry is therefore under immense pressure to enhance its protection from increasing cyber threats.
The FBI and other law enforcement agencies have not yet ended their investigation on the DMM hack. Given the increasing danger that cryptocurrency space is exposed to, this breach acts as a vivid illustration of how difficult it is to safeguard digital assets against professional hackers. Given North Korea’s role in this cyber attack, the international cyber space especially the crypto space must continue to be on the lookout for other threats.
