US and Japanese authorities are blaming North Korean hackers for an alleged $308 million heist on Japanese crypto exchanges.
According to the official announcement on December 23rd, earlier this year, North Korean cybercriminals used a sophisticated social engineering effort to breach the servers of a Japanese cryptocurrency exchange and steal $308 million in virtual assets.
The hack comes as one of the many incidents this year that have been happened with the involvement of North Korean hackers.
Japanese Crypto Exchange Hacked for $308 Million
According to the official release, North Korean cyber attackers stole $308 million in Bitcoin from the Japanese business DMM in May 2024.
The gang, which is also known as Jade Sleet, UNC4899, and Slow Pisces, frequently uses targeted social engineering tactics against several employees of the same business in order to accomplish its objectives, the press release continued.
Jade Sleet, UNC4899, and Slow Pisces are also associated with TraderTraitor threat behavior, which is linked to the heist.
An employee of Ginco, a Japanese corporate bitcoin wallet software startup, was contacted by a North Korean cyber actor in late March 2024 while posing as a recruiter on LinkedIn.
The threat actor pretended that it was a pre-employment test on a GitHub page and sent the target, who had access to Ginco’s wallet management system, a URL that led to a malicious Python script. After copying the Python code to their own GitHub website, the victim became hacked.
Also Read: Radiant Releases Detailed Report on $50M October Hack, North Korean Hacker Suspected
North Korean Hackers Take Huge Sum Of Crypto Money in 2024
The entire crypto market grappled with a rise in hacks, scams, and threats from North Korean actors in 2024. The year has also seen a rise in illegal crypto activities.
In 2023, approximately $660.50 million was stolen from 20 events by North Korean hackers but in 2024, they took $1.34 billion from 47 events, a 102.88% increase in value.
These figures make up 61% of the total amount taken annually and 20% of all cases.
North Korean hackers have developed new techniques for crypto fraud. The latest in a long line of techniques used by hackers in the DPRK to steal Bitcoin are phishing and malware scams.
Why Does DPRK Undertake Crypto Hacks and Scams?
UN sanctions have been in place against North Korea, officially known as the Democratic People’s Republic of Korea (DPRK), since 2006. The restrictions have gradually been tightened in an effort to reduce funds for its ballistic missile and nuclear programs.
The theft of Bitcoin and virtual assets has allowed the money to be used for various purposes because the country has been subject to ongoing sanctions.
The two main goals of North Korea’s cyber operations are to gather strategic intelligence and generate money to support Kim Jong Un’s Byungjin policy efforts. It is thought that a sizable amount of the pilfered money this year was utilized for the DPRK’s ballistic missile and nuclear initiatives.
North Korea has a complex network of activities as a result of its purposeful development of its cyber capabilities as a political tool, especially in the areas of finance, intelligence, and military.
Also Read: US Moves to Seize $2.67 Million in Crypto Stolen by North Korean Lazarus Group