DMM Hackers Strike Back, 500 Bitcoins Moved to New Addresses

As a seasoned researcher who has witnessed the rollercoaster ride that is the cryptocurrency world, I can’t help but feel a sense of deja vu when reading about the recent movement of funds associated with the DMM Bitcoin hack. The $305 million heist in May was a stark reminder of the vulnerabilities in our digital financial systems, and now, nearly four months later, it seems that the perpetrators are still at large.


The Bitcoin wallet linked to the $305 million DMM Bitcoin heist in May is said to have moved around 500 Bitcoins, which equates to roughly $30.4 million in value.

Based on a PeckShield alert from August 22nd, it appears that the suspected account first distributed the funds into two different accounts, with approximately 250 BTC going to each one.

Warning from PeckShield Alert regarding DMM Bitcoin: An address previously marked as suspicious has transferred approximately 500 Bitcoins, valued at around 30.4 million dollars, to two fresh accounts.

— PeckShieldAlert (@PeckShieldAlert) August 22, 2024

DMM Bitcoin Hack Details

As a crypto investor, I have come to realize that the funds I’m holding might be part of a stolen cache traced back to the 4,502.9 BTC allegedly taken from the DMM Bitcoin exchange in May. At the time of the theft, this amount was estimated to be worth an astonishing $305 million. However, its current value has slightly decreased to around $274 million. In the aftermath of the breach, DMM Bitcoin acted swiftly and raised approximately $320 million to compensate the affected parties.

Previously, blockchain analyst ZachXBT linked the attack to the Lazarus Group, a well-known hacking collective believed to be associated with North Korea.

As an analyst, I’ve been closely examining the evidence, and my findings point towards a high probability of the Lazarus Group being involved in this heist. The methods used to launder the stolen funds and several off-chain indicators align strikingly with their known tactics.

After the cyber-attack, the perpetrators reportedly divided the pilfered Bitcoins into smaller groups of approximately 500 BTC and transferred them to different digital wallets. According to PeckShield's analysis, the most recent funds moved since the May 31 event originated from one of these newly created wallets.

In July, ZachXBT claimed that hackers moved around 35 million dollars’ worth of Bitcoin to the Cambodian exchange Huione Guarantee. This platform has recently been under scrutiny for allegedly aiding in money laundering from numerous crypto heists, pig butchering scams, and other illegal operations.

The Previous Trauma of DMM Hack

In their typical scheme, the DMM Bitcoin hackers first move the pilfered cryptocurrency to confidential transaction platforms, then use THORChain to shift it between the Ethereum and Avalanche networks. They then convert these assets into Tether (USDT), transfer them to the Tron network, and finally deposit them on Huione.

In July, the DMM Bitcoin exchange suffered a loss of approximately $305 million (48 billion yen) in Bitcoin (BTC) as a result of a hack. As reported on their website blog, about 4,502.9 BTC were stolen from the platform. To prevent further unauthorized withdrawals, the exchange has taken steps to enhance security measures.

Due to a recent hack, DMM Bitcoin has temporarily stopped all trades on its platform. They’ve also warned users that Japanese yen withdrawals might take more time than normal.

As a seasoned investor who has witnessed the rise and fall of numerous cryptocurrencies over the past decade, I can attest to the fact that the frequency of cryptocurrency thefts in recent years is alarming. The latest incident, which resulted in losses exceeding $473 million, serves as yet another reminder of the risks associated with this volatile market. In 2018, the $58 billion yen loss sustained by Coincheck was a stark warning of the vulnerability of Japanese exchanges to hackers. This most recent hack underscores the fact that these thefts are not isolated incidents but rather part of an escalating trend. I believe it is crucial for investors to exercise caution and vigilance when dealing with cryptocurrencies, given their susceptibility to cyberattacks and the potential for significant financial losses.

According to a recent Chainalysis report, the proportion of illegal activity on blockchain networks has dropped by nearly 20% this year. In contrast, instances of malware and stolen funds have increased. Stolen-fund inflows have almost doubled, from the $857 million recorded last year to $1.58 billion. Ransomware inflows have also increased by approximately 2%, totaling $459.8 million.


2024-08-23 19:12