In a recent roundup of cybersecurity incidents in the digital assets space, several noteworthy events have taken place. The FBI has identified the North Korean hacker group TraderTraitor as the perpetrators behind a $308 million hack on the Japanese exchange DMM Bitcoin. This cyber heist, carried out by the group also known as Jade Sleet, UNC4899, and Slow Pisces, caused significant disruptions to the platform, including halted account registrations and cryptocurrency withdrawals.
The attack, which began in late March, involved the hacker posing as a recruiter on LinkedIn to target an employee at a cryptocurrency wallet software company Ginco. By compromising the victim’s system with malicious Python code on their GitHub page, TraderTraitor was able to infiltrate Ginco and subsequently DMM Bitcoin. The group exploited session cookies to impersonate the employee and manipulate a transaction request to steal $308 million worth of Bitcoin. TraderTraitor has been active in the blockchain sector since 2022, utilizing fake apps and social engineering tactics in their operations.
In another development, Ilya Lichtenstein, the confessed hacker behind the 2016 Bitfinex theft of 120,000 bitcoins, has taken to social media to claim sole responsibility for the crime. Serving a five-year sentence, Lichtenstein stated in a video from prison that he planned and executed the heist “entirely by myself,” absolving his wife Heather Morgan and father Eugene Lichtenstein of any involvement. While Morgan was sentenced to 18 months for laundering a portion of the stolen funds, she maintains her innocence regarding the hack. The Bitfinex coin seizure remains the largest in U.S. history, and Lichtenstein has assisted in recovering over $10 billion in stolen assets.
On the geopolitical front, South Korea has imposed sanctions on 15 individuals and one entity from North Korea for their involvement in hacking activities, including cryptocurrency thefts. These individuals are affiliated with Bureau 313, a division under the Workers’ Party of Korea’s Machine-Building Industry Department, which oversees North Korea’s weapons and ballistic missile programs. The South Korean Ministry of Foreign Affairs revealed that North Korean IT operatives disguise their identities to secure jobs with global companies and engage in cyberattacks to funnel stolen assets back to Pyongyang.
Additionally, U.S. President-elect Donald Trump has appointed Bo Hines as the executive director of the Presidential Council of Advisers for Digital Assets. Hines, a former North Carolina congressional candidate, is an advocate for blockchain technology and will collaborate with venture capitalist David Sacks to develop regulatory frameworks and explore opportunities for integrating digital assets into the economy.
In the legal realm, Australian computer scientist Craig Wright, who falsely claimed to be Bitcoin’s creator Satoshi Nakamoto, has been sentenced to a year in prison for contempt in a British court. Wright’s claims of being Nakamoto were debunked in a previous ruling, and the sentence follows his contentious intellectual property claim. Wright plans to appeal the decision, maintaining his innocence.
Lastly, Interpol has issued a red notice for Richard James Schueler, also known as Richard Heart, founder of Hex and PulseChain, at Finland’s request. Schueler is accused of tax fraud and assaulting a minor, with Europol listing him as one of Europe’s most wanted criminals. The charges coincide with a U.S. SEC lawsuit against Schueler for selling unregistered securities through his cryptocurrency ventures. Despite these legal challenges, Schueler remains defiant on social media, expressing optimism about his future endeavors.
Overall, these developments underscore the ongoing challenges and risks faced by the digital assets sector, highlighting the importance of cybersecurity measures and regulatory compliance in the evolving landscape of blockchain and cryptocurrency technologies.