In a joint announcement on Tuesday, the FBI and Japan’s National Police Agency (NPA) revealed that a North Korean cyber attack group was responsible for the theft of 48.2 billion yen worth of cryptocurrency from DMM Bitcoin, a major crypto asset exchange. This incident, which occurred earlier this year, has shaken the cryptocurrency world and led to significant concerns about cyber security in the digital finance space. The FBI and NPA’s investigation into the theft points to a North Korean hacker group known as TraderTraitor as the prime suspect behind the attack.
The Crypto Theft of 48.2 Billion Yen
The theft came to light in May when DMM Bitcoin, a popular exchange based in Japan, reported a massive leak of crypto assets. The company consulted with the Tokyo Metropolitan Police, alleging that approximately 48.2 billion yen worth of cryptocurrency had been taken from their platform. This prompted an investigation that later confirmed the loss. In June, DMM Bitcoin officially disclosed the theft to the public, stating that it was the result of an “unauthorized leak.”
Despite the company’s efforts to safeguard customer assets, the magnitude of the breach forced DMM Bitcoin to make a significant decision. Earlier this month, the company announced that due to the incident, it would be liquidating its business. The crypto assets held by customers would be transferred to SBI VC Trade Co., a Japanese exchange, around March of the following year.
The scale of the theft makes it one of the largest in Japan’s cryptocurrency history, second only to the 58 billion yen stolen in the 2018 Coincheck hack. This latest attack has caused a ripple effect, raising concerns over the vulnerability of cryptocurrency exchanges and the security of digital assets in general.
TraderTraitor: A North Korean Cyber Attack Group
The FBI and NPA’s investigation into the theft of 48.2 billion yen worth of cryptocurrency points to the North Korean hacker group TraderTraitor as the perpetrators. Tied to North Korea’s military, TraderTraitor is known for sophisticated cyber attacks aimed at stealing virtual currencies from companies globally. Their stolen assets are believed to fund North Korea’s weapons programs, including weapons of mass destruction.
TraderTraitor uses alarming tactics to target software engineers with cryptocurrency expertise. The group recruits through social media, posing as job recruiters with offers like “I want to learn programming from you” or “I need help fixing a bug.” Once the engineers engage, the hackers exploit the situation to steal valuable crypto assets.
The FBI and NPA have issued a public warning urging individuals to be cautious of suspicious messages on social media, especially those related to cryptocurrency or programming. They recommend video calls with any unfamiliar contact to verify their legitimacy. This advisory is part of ongoing efforts to educate the public on how to avoid falling victim to cybercrime.
A Growing Threat to Global Cyber Security
The involvement of the state-sponsored hacker group TraderTraitor highlights the growing threat posed by North Korean cybercriminals to global security, with this being their first confirmed attack in Japan. This marks the eighth time Japan’s National Police Agency has linked cyber attacks to North Korea or China. The identification of such groups serves as a deterrent and raises awareness of the increasing risks posed by cybercrime, especially as hacker groups exploit vulnerabilities in digital systems and target valuable cryptocurrency exchanges.
The DMM Bitcoin theft is a clear reminder of the rising vulnerabilities within cryptocurrency exchanges as digital assets become more valuable. The FBI and NPA’s joint efforts to combat cybercrime are part of a global push to track and prosecute cybercriminals. As cyber threats evolve, both businesses and individuals must adopt secure practices to protect their assets and avoid falling victim to such attacks in the rapidly growing digital finance world.