North Korea Accused of $300 Million Crypto Theft: A Deep Dive into the DMM Bitcoin Heist

In a major cybersecurity breach, a North Korean hacking group has been accused of stealing over $300 million in cryptocurrency from the Japan-based exchange, DMM Bitcoin. According to Japanese police and the FBI, the infamous Lazarus Group believed to be linked to Pyongyang, orchestrated the heist through sophisticated social engineering tactics.

The Lazarus Group, previously known for high-profile cyberattacks like the 2014 Sony Pictures hack, reportedly carried out this operation through its TraderTraitor subgroup. In May 2024, the hackers infiltrated DMM Bitcoin's systems using a deceptive recruitment strategy. Posing as a recruiter on LinkedIn, a hacker targeted an employee from a different crypto wallet software company, offering what appeared to be a pre-employment test. This test contained malicious code, enabling the attackers to access the employee’s credentials and manipulate legitimate transactions.

This breach resulted in the theft of 4,502.9 Bitcoin, valued at $308 million. The FBI confirmed that the attackers used their access to manipulate transaction requests, successfully siphoning off the cryptocurrency.

The stolen funds are believed to support North Korea's regime, which relies heavily on illicit activities like cybercrime and cryptocurrency theft to circumvent international sanctions and fund its programs. The FBI, Japan’s National Police Agency, and international partners have vowed to expose and combat these activities.

North Korea’s cyber-warfare capabilities date back to the 1990s and have since evolved into a formidable unit known as Bureau 121, comprising approximately 6,000 operatives spread across multiple countries. With this heist, the regime’s use of cyberattacks as a revenue-generating mechanism has again come to light.

Refrence From: www.ndtv.com​