North Korean Hackers Steal $300M in Bitcoin, Forcing DMM Exchange Closure
December 24, 2024
In a significant cyber heist, the North Korean hacking group TraderTraitor stole over $300 million in cryptocurrency from DMM Bitcoin, a Japan-based exchange, with the theft amounting to 4,502.9 Bitcoin.
As a result of the attack, DMM Bitcoin announced plans to cease operations by March 2025, halting withdrawals and trading activities, which complicated asset transfers for its users.
Despite the theft, DMM Bitcoin assured customers that their Bitcoin deposits would be fully guaranteed, having secured 55 billion yen from a group firm to cover the lost assets.
Crypto investigator ZachXBT noted that the laundering methods used in the DMM Bitcoin attack bore similarities to those associated with the notorious Lazarus Group.
Following the theft, the stolen funds were laundered through various intermediary addresses and mixed using a Bitcoin CoinJoin Mixing Service, ultimately reaching HuiOne Guarantee, a Cambodian conglomerate linked to cybercrimes.
The breach, which occurred in late May 2024, was executed through a social engineering scheme that involved a fake LinkedIn recruitment message, leading an employee to download a malicious Python script.
This incident is part of a troubling trend in the cryptocurrency sector, which saw a total of 303 security incidents in 2024, leading to losses of up to $2.2 billion, according to Chainalysis.
The year 2024 marked a surge in cryptocurrency criminal activity, with losses exceeding $1 billion for the fifth consecutive year, reflecting a 20% increase from the previous year.
The FBI has been monitoring TraderTraitor's activities since 2022, linking them to previous high-profile hacks, including significant thefts from other cryptocurrency platforms.
The U.S. Department of Justice has opened several criminal cases against North Korean hackers, highlighting their profit-driven motives and extensive involvement in global cybercrime.
North Korea's cyber warfare program, which dates back to the mid-1990s, has expanded significantly, with an estimated 6,000 members operating from various countries.
The DMM Bitcoin breach ranks as Japan's second-largest crypto theft, following the infamous $530 million Coincheck hack in 2018.
Summary based on 21 sources