- These Sony headphones eased my XM5 envy with all-day comfort and plenty of bass
- I compared a $190 robot vacuum to a $550 one. Here's my buying advice
- I finally found a reliable wireless charger for all of my Google devices - including the Pixel Watch
- 6 ways to turn your IT help desk into a strategic asset
- How to install and use Microsoft's PowerShell on Linux (and why you should)
US and Japan Blame North Korea for $308m Crypto Heist
US and Japanese authorities have attributed a major cryptocurrency heist worth $308m to North Korean hackers.
An alert from the FBI, Department of Defense Cyber Crime Center and National Police Agency of Japan said the May 2024 theft from Japan-based crypto firm DMM was carried out by a North Korean threat group tracked as TraderTraitor, aka Jade Sleet, UNC4899 and Slow Pisces.
The agencies revealed that TraderTraitor carried out a targeted social engineering attack to access and steal the crypto funds. This campaign began in late March 2024, when the threat actor, masquerading as a recruiter on LinkedIn, contacted an employee at Ginco, a Japan-based enterprise cryptocurrency wallet software company.
The employee was targeted as they maintained access to Ginco’s wallet management system.
TraderTraitor sent the employee a URL linked to a malicious Python script under the guise of a pre-employment test located on a GitHub page. The victim copied the Python code to their personal GitHub page and was subsequently compromised.
After mid-May 2024, the hackers exploited session cookie information to impersonate the compromised employee and successfully gained access to Ginco’s unencrypted communications system.
In late-May 2024, the actors likely used this access to manipulate a legitimate transaction request by a DMM employee, resulting in the loss of 4,502.9 Bitcoin, worth $308m at the time of the attack.
The stolen funds were subsequently moved to TraderTraitor-controlled wallets.
Read now: North Korea Targeting Crypto Industry, Says FBI
North Korea Ramps Up Crypto Thefts to Fund Regime
A report by blockchain analytics firm Chainalysis, published on December 19, found that North Korea-affiliated hackers stole $1.34bn worth of cryptocurrency across 47 incidents during 2024.
This represents 61% of the total amount of crypto stolen throughout the year.
North Korean groups have carried out a vast volume of crypto thefts in recent years, with the proceeds generating revenue for the Pyongyang regime.
The new alert said the FBI, National Police Agency of Japan and other US government and international partners will continue to expose and combat North Korea’s use of illicit activities, including cybercrime and cryptocurrency theft.