In May 2024, a massive hack targeted the Japanese cryptocurrency exchange DMM, resulting in the theft of over $300 million in Bitcoin.
This attack, which took place in collaboration with international law enforcement agencies, including the FBI and Japan’s National Police Agency (NPA), involved sophisticated methods linked to North Korea’s TraderTraitor group.
The attack unfolded after a member of the team at Ginco, a crypto wallet company partnered with DMM, fell victim to a social engineering scam. Posing as a recruiter on LinkedIn, a North Korean hacker tricked the employee into clicking on a malicious link, leading to compromised access to Ginco’s wallet management system.
In May, the attackers used this breach to manipulate a transaction, resulting in the theft of 4,502.9 Bitcoin, worth approximately $305 million at the time. These stolen funds were subsequently funneled to wallets controlled by the TraderTraitor group.
This incident is part of a larger wave of cybercrime targeting the cryptocurrency sector. According to Chainalysis, by mid-December 2024, there had been 303 security breaches in the crypto industry, resulting in total losses of up to $2.2 billion.
The centralized finance (CeFi) sector has been particularly vulnerable, experiencing a 1,000% increase in such incidents compared to the previous year. Authorities are continuing to investigate and expose the growing trend of state-affiliated cybercriminal activity in the digital asset space.
