Press "Enter" to skip to content

North Korean cyber group suspected in theft of ¥48.2 billion in crypto assets from DMM Bitcoin

TOKYO (TR) – The FBI and Japan’s National Police Agency revealed in a joint announcement on Tuesday that a North Korean cyber attack group is suspected in the previously announced theft of 48.2 billion yen worth of crypto assets from DMM Bitcoin earlier this year.

In May, DMM Bitcoin, which operates a crypto asset exchange, consulted with the Tokyo Metropolitan Police, alleging that approximately 48.2 billion yen worth of crypto assets had been leaked, reports Kyodo News (Dec. 24).

The following month, DMM Bitcoin announced the theft, saying it was due to an “unauthorized leak.” Earlier this month, it said that its business would be liquidated in light of the incident. Customer assets will be transferred from the exchange to SBI VC Trade Co. around March next year.

The FBI and the NPA, which both investigated the case, determined that the North Korean cyber attack group TraderTraitor allegedly stole the crypto assets.

The announcement by the NPA and others was done as a so-called “public attribution,” which identifies and criticizes countries and organizations suspected of involvement in cyber attacks under the aim of having a deterrent effect.

The attribution was carried out in cooperation with the U.S. Department of Defense and the FBI. In Japan, this is the eighth time that it has been carried out against China and North Korea.

According to the NPA, this is the first time that damage caused by a cyber attack by TraderTraitor has been confirmed in Japan.

A North Korean group was behind the theft of 48.2 billion yen worth of crypto assets from DMM Bitcoin in May

Weapons of mass destruction

The group is believed to be related to the Korean People’s Army, but a suspect has not yet been identified. According to data released by the FBI in August last year, the total amount of virtual currency stolen from US businesses believed to be the result of this group is approximately 200 million dollars.

It is believed that the crypto assets that flowed to North Korea are being used to develop weapons of mass destruction and other weapons.

According to the bureau and the agency, “TradeTraiter” uses headhunting tactics, including posing as recruiters on social media. They send messages to cryptocurrency-related software engineers, saying things like “I want to learn programming from you” or “I want you to fix a programming bug.”

In issuing the announcement, the FBI and the NPA also urged people who receive such approaches on social media to request a video call and to consider the offer suspicious if they are refused.

DMM Bitcoin’s loss is the second-largest in Asia, following the 58 billion yen lost in the hack of Coincheck in 2018.