On May 31, 2024, as a result of the hacking 4502.9 BTC (worth approximately $308M) were stolen from the Japanese exchange Bitcoin.DMM.com. The cybersecurity agency Match Systems conducted the current situation of the case.
Japanese cryptocurrency exchange DMM Bitcoin was recently hacked, resulting in the theft of over $300 million dollars in Bitcoins. The hackers were able to access a private key, which allowed them to transfer 4,502.9 bitcoins from the exchange’s main wallet. The incident occurred on May 30, 2024, and DMM Bitcoin announced the hack the following day.
The reasons for the hack of the exchange are still unclear. The attack could have occurred as a result of compromised private keys. The keys of a hot wallet connected to the Internet could have been compromised either through an internal threat or an external hack, which could have allowed hackers to initiate a transfer of funds.
Whether social engineering techniques or malware were used to get exchange employees to sign a transaction authorizing the transfer of funds to their wallets, we have yet to learn.
An insider attack scenario cannot be ruled out, in which someone with legitimate access to the system contributed to the hack by giving the hackers the necessary data or initiating the attack.
The investigation revealed that the hackers used cryptocurrency mixer JoinMarket to launder the stolen funds. More than 2,000 BTC was sent to addresses associated with JoinMarket, while the remaining 2,500 BTC remained at the hackers’ original addresses. The Match Systems team was able to identify the first large withdrawal from the mixer in the amount of 223.38 BTC, as well as more than 50 withdrawals over 10 BTC that may be relevant to this case.
The full cycle of money laundering can take months to a year, and Match Systems will continue to monitor the movement of stolen funds, as well as looking into the cause of the attack.
Match Systems, is a leading company specializing in AML services, blockchain investigations, and implementation of compliance procedures for cryptocurrency projects around the world. By leveraging advanced technology and expertise in financial crime detection, the company is poised to help organizations to navigate the complex regulatory landscape as well as minimize the risks associated with digital currencies.
Joseph
Match Systems
mediacoverage@matchsystems.com
Authorities have delivered a major blow to the cybercrime world by dismantling two of the…
Microsoft has announced updates to its Microsoft 365 (M365) Bug Bounty Program, offering expanded services,…
Tata Technologies, a leading provider of engineering and IT services, has reported a ransomware attack…
A groundbreaking technique for Kerberos relaying over HTTP, leveraging multicast poisoning, has been recently detailed…
Since mid-2024, cybersecurity researchers have been monitoring a sophisticated Android malware campaign dubbed "Tria Stealer,"…
Proton, the globally recognized provider of privacy-focused services such as Proton VPN and Proton Pass,…