Match Systems’ CEO Andrei Kutin Provides Insight on DMM Bitcoin Breach

By Andrei Kutin, CEO Match Systems [ Join Cybersecurity Insiders ]
405

On May 31, 2024, as a result of the hacking 4502.9 BTC (worth approximately $308M) were stolen from the Japanese exchange Bitcoin.DMM.com. The cybersecurity agency Match Systems conducted the current situation of the case.

Japanese cryptocurrency exchange DMM Bitcoin was recently hacked, resulting in the theft of over $300 million dollars in Bitcoins. The hackers were able to access a private key, which allowed them to transfer 4,502.9 bitcoins from the exchange’s main wallet. The incident occurred on May 30, 2024, and DMM Bitcoin announced the hack the following day.

The reasons for the hack of the exchange are still unclear. The attack could have occurred as a result of compromised private keys. The keys of a hot wallet connected to the Internet could have been compromised either through an internal threat or an external hack, which could have allowed hackers to initiate a transfer of funds.

Whether social engineering techniques or malware were used to get exchange employees to sign a transaction authorizing the transfer of funds to their wallets, we have yet to learn.

An insider attack scenario cannot be ruled out, in which someone with legitimate access to the system contributed to the hack by giving the hackers the necessary data or initiating the attack.

The investigation revealed that the hackers used cryptocurrency mixer JoinMarket to launder the stolen funds. More than 2,000 BTC was sent to addresses associated with JoinMarket, while the remaining 2,500 BTC remained at the hackers’ original addresses. The Match Systems team was able to identify the first large withdrawal from the mixer in the amount of 223.38 BTC, as well as more than 50 withdrawals over 10 BTC that may be relevant to this case.

The full cycle of money laundering can take months to a year, and Match Systems will continue to monitor the movement of stolen funds, as well as looking into the cause of the attack.

Ad

No posts to display