Japanese police revealed on Tuesday that hackers affiliated with the North Korean regime were likely behind the $307 million attack on cryptocurrency exchange DMM Bitcoin.

north korea Hackers are said to be behind a multi-million dollar attack on a cryptocurrency exchange, costing the platform more than $300 million worth of stolen crypto funds.

On December 23 press releaseThe FBI, in cooperation with Japan's National Police Agency, revealed that the hack, which occurred in May, was linked to North Korean cyber actors and linked to the threat group known as TraderTraitor, also referred to as Jade Sleet, UNC4899, and Slow. Pisces.

According to authorities, the cyberattack began when a North Korean hacker, posing as a LinkedIn recruiter, contacted an employee at Ginco, a Japanese company that provides cryptocurrency wallet software. The hacker tricked the employee into downloading a malicious Python script, which was disguised as part of a pre-employment test. The employee inadvertently uploaded the script to his personal GitHub page, allowing the attacker to access sensitive company systems.

By mid-May, attackers used stolen session cookies to impersonate the compromised employee and infiltrated Ginco's unencrypted communications system, manipulating a legitimate DMM Bitcoin transaction request. Ultimately, this scheme allowed hackers to steal 4502.9 (Bitcoin) equivalent to $307 million at the time. The stolen cryptocurrency was later transferred to wallets controlled by TraderTraitor Group, the FBI said.

As crypto.news reported earlier, the US and South Korea They have collaborated to create new mechanisms to prevent cryptocurrency-related thefts north korea. The two countries have reportedly signed an agreement to create joint technologies to stop cryptocurrency theft. While the details are still unclear, South Korea's Ministry of Science will also support the initiative until 2026.