The FBI has confirmed that North Korean hackers stole $305 million from the Japanese cryptocurrency exchange, DMM Bitcoin, in May 2024. The attack, led by a hacking group known as TraderTraitor, used a social engineering scheme involving LinkedIn to trick employees.
How the hack happened
The attack began in March 2024 when a hacker posing as a recruiter contacted an employee at Ginco, a Japanese crypto wallet company. The hacker sent a fake pre-employment test disguised as a Python script through GitHub.
Unaware of the danger, the Ginco employee copied the script, which allowed the hackers to access sensitive information, including session cookies. This gave them access to internal systems at Ginco.
In May, the hackers used this foothold to manipulate a transaction request from a DMM Bitcoin employee, ultimately stealing 4,502.9 Bitcoin, valued at $305 million.
The FBI and Japanese authorities are continuing their investigations and urging crypto firms to improve their cybersecurity. This incident highlights the growing risk of social engineering attacks in the crypto industry
Do visit CoinTopper for more content like this