DMM Bitcoin exchange hacked by North Korean group

The North Korean Lazarus Group is suspected of hacking the DMM Bitcoin exchange, stealing over $300 million. Investigations reveal funds were laundered through the Huione Guarantee platform, linked to $11 billion in transactions.

North Korean hackers used AI-generated deepfakes on Zoom to trick a crypto employee into installing malware targeting macOS systems and digital wallets.

The notorious North Korean Lazarus Group is suspected of hacking the DMM Bitcoin exchange, resulting in the theft of over $300 million, with $35 million reportedly laundered in July 2024. Independent crypto asset investigator ZachXBT identified that the stolen funds were sent to the Huione Guarantee platform, a Chinese-language ecosystem suspected of facilitating transactions worth at least $11 billion and aiding crypto scammers.

Tether, the issuer of the popular stablecoin USDT, has blacklisted a wallet containing nearly $30 million allegedly connected to Huione. The laundering process involved transferring stolen BTC to a mixer and then swapping the mixed funds for USDT across different blockchains before sending them to Huione. Similar laundering techniques and off-chain indicators led investigators to suspect the involvement of the Lazarus Group.

Additionally, a Reuters report revealed that Lazarus allegedly sent $150,000 worth of crypto assets to Huione Pay, a Cambodian payments firm linked to Huione Guarantee. While Huione Pay claims it did not know the funds were from hacks, security experts and a UN report indicate that North Korean hackers are increasingly infiltrating crypto projects to gather sensitive data and steal assets.