In May 2024, a massive hack targeted the Japanese cryptocurrency exchange DMM, resulting in the theft of over $300 million in Bitcoin.
This attack, which took place in collaboration with international law enforcement agencies, including the FBI and Japan’s National Police Agency (NPA), involved sophisticated methods linked to North Korea’s TraderTraitor group.
The attack unfolded after a member of the team at Ginco, a crypto wallet company partnered with DMM, fell victim to a social engineering scam. Posing as a recruiter on LinkedIn, a North Korean hacker tricked the employee into clicking on a malicious link, leading to compromised access to Ginco’s wallet management system.
In May, the attackers used this breach to manipulate a transaction, resulting in the theft of 4,502.9 Bitcoin, worth approximately $305 million at the time. These stolen funds were subsequently funneled to wallets controlled by the TraderTraitor group.
This incident is part of a larger wave of cybercrime targeting the cryptocurrency sector. According to Chainalysis, by mid-December 2024, there had been 303 security breaches in the crypto industry, resulting in total losses of up to $2.2 billion.
The centralized finance (CeFi) sector has been particularly vulnerable, experiencing a 1,000% increase in such incidents compared to the previous year. Authorities are continuing to investigate and expose the growing trend of state-affiliated cybercriminal activity in the digital asset space.
The U.S. Department of Justice has sentenced Dwayne Golden, 57, of Pennsylvania to 97 months in prison for orchestrating a fraudulent crypto investment scheme that stole over $40 million from investors.
The first half of 2025 has become the most damaging six-month period in crypto history, with over $2.1 billion stolen across 75+ separate incidents, according to new data.
A new breed of cyber-attack is sweeping through crypto media, exploiting site pop-ups and wallet-connect prompts instead of smart-contract bugs.
CoinMarketCap, one of the most widely used crypto data tracking platforms, is reportedly facing a front-end security breach, with multiple users encountering a suspicious prompt to verify their wallets.