The TraderTraitor group, which is allegedly part of the Lazarus group and is linked to Pyongyang authorities, is behind the attack on the Japanese exchange DMM Bitcoin, the Japanese National Police Agency said.
The group Lazarus came to prominence in 2014, when it was accused of pirating the studios of Sony Pictures Entertainment in retaliation for the release of the satirical film about North Korea “An Interview with Madmen”.
The North American investigative police, the FBI, detailed in a separate statement “the theft of cryptocurrencies worth 308 million dollars [296 milhões de euros] of the Japanese company DMM by North Korean cyber agents.”
The FBI describes a “targeted social engineering” operation (which consists of collecting data about your target to deceive them with credible messages), in which a hacker posed as a recruiter to contact an employee of another exchange platform of cryptocurrencies.
The North Korean sent the employee what appeared to be a test on which the hiring depended, but it contained a line of malicious code. This allowed the hacker to impersonate the employee, the FBI said.
“The FBI, Japan National Police Agency, and other partners in the U.S. government and the international community will continue to expose and combat North Korea’s use of illicit activities — including cybercrime and cryptocurrency theft — to generate revenue for the regime,” the statement added.
North Korea’s cyberwarfare program dates back to at least the mid-1990s.
According to a 2020 US military report, North Korea’s cyberwarfare unit, called “Office 121,” has 6,000 members who also operate abroad, including in Belarus, China, India, Malaysia and Russia.
The United States Department of Justice has opened several criminal cases related to North Korean hackers in recent years, often alleging a profit motive.
In 2021, the department charged three North Korean computer programmers with a wide range of global hacks, including the destructive attack against Sony and attempted theft and extortion of more than $1.3 billion ($1.25 billion euros) to banks and companies.
Last July, United States courts charged Rim Jong Hyok, a man suspected of working for one of North Korea’s military intelligence agencies, of involvement in a conspiracy to hack American healthcare providers.
Source: https://observador.pt/2024/12/24/japao-e-eua-acusam-norte-coreanos-de-roubar-300-milhoes-de-euros-em-criptomoedas/
