Accusation Against North Korean Hacking Group
US and Japanese authorities have accused a North Korean hacking group known as “Trader Traitor” of stealing cryptocurrencies worth $308 million from the Japanese cryptocurrency exchange DMM Bitcoin, according to statements from the National Police Agency of Japan and the FBI.
Lazarus Group: A History of Cyber Crimes
The “Trader Traitor” group is part of the Lazarus Group, which gained infamy for major cyberattacks, including the 2014 hack of Sony Pictures as retaliation for the film The Interview, which mocked North Korean leader Kim Jong Un.
In a statement issued on Monday, the FBI said:
“A targeted hack was carried out using social engineering tactics, resulting in the theft of 4502.9 Bitcoins worth $308 million.”
Social Engineering: The Attack Method
Social engineering refers to manipulating individuals into revealing sensitive information or installing malicious software. In this case, one hacker posed as a recruiter on LinkedIn and contacted an employee of a software company specializing in digital currencies. The hackers sent a fake “pre-employment test” that contained malware, allowing them to breach the exchange’s system.
International Reactions and Investigations
The FBI confirmed that the attack allowed the hackers to impersonate the employee and manipulate a legitimate transaction, leading to the theft. The FBI added:
“We will continue to collaborate with our international partners to combat cybercrime and cryptocurrency theft used by North Korea to fund its regime.”
North Korea’s Cyber Warfare Program
North Korea’s cyber warfare program dates back to the 1990s. Reports indicate the existence of a specialized unit known as “Office 121,” which consists of around 6,000 personnel working from various countries.