DMM Hackers Strike Back, 500 Bitcoins Moved to New Addresses

A cryptocurrency address associated with the $305 million DMM Bitcoin hack in May has reportedly transferred 500 Bitcoin, valued at approximately $30.4 million.

According to PeckShield Alert on Aug. 22, the suspect address initially split the funds between two separate addresses, each receiving around 250 BTC.

DMM Bitcoin Hack Details

The funds are believed to be part of a stolen haul. They may connect to the 4,502.9 BTC taken from the DMM Bitcoin exchange in May. At the time of the theft, this amount was valued at approximately $305 million. However, its current worth is just over $274 million. In response to the breach, DMM Bitcoin swiftly raised $320 million to reimburse the victims.

Blockchain investigator ZachXBT has previously attributed the attack to the Lazarus Group, a notorious hacking organization allegedly tied to the Democratic People’s Republic of Korea. 

According to the on-chain analyst, the methods used to launder the stolen funds and various off-chain indicators strongly suggest the Lazarus Group’s involvement in the heist.

Following the hack, the attackers reportedly split the stolen Bitcoin into smaller batches of 500 BTC and transferred them to new wallets. Peckshield has identified that the latest funds to be moved since the May 31 incident originated from one of these wallets.

In July, ZachXBT alleged that the attackers transferred approximately $35 million worth of Bitcoin to the Cambodia-based exchange Huione Guarantee. The exchange has recently faced accusations of facilitating funds laundering from various crypto hacks, pig butchering scams, and other illicit activities.

The Previous Trauma of DMM Hack

The DMM Bitcoin attackers typically transfer the stolen cryptocurrency to privacy mixers before bridging it to Ethereum and Avalanche using THORChain. The stolen assets are then converted to Tether, transferred to Tron, and deposited on Huione.

In July, the DMM Bitcoin lost 48 billion yen ($305 million) in Bitcoin (BTC) due to a hack. According to a blog on the exchange’s website, 4,502.9 BTC was “leaked” from the platform. The exchange has implemented measures to avoid additional unauthorized outflows.

DMM Bitcoin has halted all spot trading on its platform in reaction to the hack and cautioned that withdrawals in Japanese yen “may take longer than usual.”

This episode adds to the already-growing list of cryptocurrency thefts in 2024, which had already claimed over $473 million in losses before this one. Following the 58 billion yen loss Coincheck sustained in 2018, the hack is the second largest in Japan.

According to the Chainalysis report, illegal activity on blockchain networks has been down almost 20% year-to-date. However, malware and stolen funds have increased. Comparatively to $857 million last year, stolen funds inflows doubled to $1.58 billion. Ransomware inflows climbed around 2% as well, coming to $459.8 million.

Bitcoin
BTCUSD 1-Day Chart | Source: Tradingview.com

Featured image from Ideogram, the chart from Tradingview.com.

Source: https://bitcoinist.com/dmm-hackers-strike-back-500-bitcoins-moved-to-new-addresses/