
Suspected Lazarus subgroup behind DMM crypto heist


U.S. and Japanese officials have attributed the massive $308 million cryptocurrency heist against Japanese cryptocurrency exchange DMM Bitcoin in May to North Korean threat operation TraderTraitor, which is believed to be a subgroup of the Lazarus hacking collective, according to SiliconAngle.

According to a joint statement from the FBI, the Department of Defense Cyber Crime Center, and Japan's National Police Agency, Japanese enterprise wallet software firm Ginco had its wallet management system compromised through a successful social engineering attack in which a threat actor impersonating a recruiter on LinkedIn targeted one of its employees. Nearly two months later, TraderTraitor used obtained session cookies to impersonate that employee and breached Ginco's unencrypted communications system. TraderTraitor then leveraged that access to interfere with a DMM employee's transaction request and facilitate the exfiltration of currency to the North Korean government, officials said.

Such a development comes months after Indian cryptocurrency exchange and trading platform WazirX was reported to have lost $234.9 million worth of cryptocurrency in a Lazarus attack.
