Threat Intel Solutions

[Blockchain -& Cryptocurrency](https://www.govinfosecurity.com/blockchain-cryptocurrency-c-483) , [Cryptocurrency Fraud](https://www.govinfosecurity.com/cryptocurrency-fraud-c-574) , [Fraud Management -& Cybercrime](https://www.govinfosecurity.com/fraud-management-cybercrime-c-409)Cryptohack Roundup: FBI Fingers TraderTraitor for $308M Hack============================================================Also: Bitfinex Hacker Lichtenstein’s Social Media Post From Prison [Rashmi Ramesh](https://www.govinfosecurity.com/authors/rashmi-ramesh-i-4224) ([rashmiramesh_](https://www.twitter.com/rashmiramesh_)) • December 26, 2024 [](https://www.bankinfosecurity.com/cryptohack-roundup-fbi-fingers-tradertraitor-for-308m-hack-a-27158#disqus_thread) * * * * * [Credit Eligible](/premium/pricing ‘As a BankInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking.’)* [](/premium/pricing ‘As a BankInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking.’)* Get Permission*  Image: Shutterstock*Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week’s stories include the FBI fingering TraderTraitor in a $308M hack, Bitfinex hacker Lichtenstein saying he operated alone, South Korea sanctioning North Korean hackers, Trump naming an exec director for Digital Assets Council, Craig Wright being sentenced to a year in prison and the Interpol issuing a red notice for Hex founder.***See Also:** [OnDemand -| NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation](https://www.govinfosecurity.com/webinars/ondemand-nsm-8-deadline-july-2022keys-for-quantum-resistant-algorithms-w-3882?rf=RAM_SeeAlso)### FBI Fingers TraderTraitor for $308M HackNorth Korean hacker group TraderTraitor stole $308 million worth of cryptocurrency in an attack on the Japanese exchange DMM Bitcoin from May, the FBI [said](https://www.fbi.gov/news/press-releases/fbi-dc3-and-npa-identification-of-north-korean-cyber-actors-tracked-as-tradertraitor-responsible-for-theft-of-308-million-from-bitcoindmmcom). The heist is linked to the Pyongyang group also known as Jade Sleet, UNC4899 and Slow Pisces. The incident caused platform disruptions, including halted account registrations and cryptocurrency withdrawals.The attack [began](https://bitcoin.dmm.com/news/20240531_01) in late March, when a hacker posed as a recruiter on LinkedIn to target an employee at a cryptocurrency wallet software company Ginco. The attacker lured the victim with a job proposal requiring them to run malicious Python code on their GitHub page, compromising the victim’s system. TraderTraitor then infiltrated Ginco, moving laterally to DMM Bitcoin. By May, they exploited session cookies to impersonate the employee, ultimately manipulating a transaction request to steal Bitcoin worth $308 million then. TraderTraitor has targeted the blockchain sector since 2022 using fake apps and social engineering tactics.### Bitfinex Hacker Lichtenstein Says He Alone was Responsible for HackIlya Lichtenstein, confessed hacker behind the 2016 Bitfinex theft of 120,000 bitcoins, [said](https://x.com/unrealdutch/status/1869713981591663003) on social media that he took full responsibility for the crime in what appears to be an attempt to clear his wife Heather Morgan and father Eugene Lichtenstein. In a video recorded from prison, Lichtenstein, [serving](/bitfinex-hacker-lichtenstein-sentenced-to-5-years-in-prison-a-26824) a five-year sentence, stated that he planned and executed the Bitfinex heist ‘entirely by myself.’ He dismissed allegations linking his father, an elderly, non-technical individual, to the hacking activities as baseless. Morgan, aka Razzlekhan, was [sentenced](/cryptohack-roundup-no-prison-time-for-ftxs-gary-wang-a-26871) to 18 months for laundering a small portion of the stolen funds but maintains her unawareness of the crime. The Bitfinex coin seizure remains the largest in U.S. history.Lichtenstein has assisted the government in recovering over $10 billion in stolen assets, with restitution hearings slated for early next year. He also [testified](https://www.coindesk.com/policy/2024/02/27/man-who-laundered-billions-in-bitcoins-says-bitcoin-fog-was-a-help-bloomberg) against Roman Sterlingov, the operator of Bitcoin Fog.### South Korea Sanctions North Korean Crypto HackersThe South Korean government [imposed](https://down.mofa.go.kr/www/brd/m_4080/view.do?seq=375771&page=1&pitem=10) sanctions on 15 individuals and one entity from North Korea for involvement in hacking, including cryptocurrency thefts. The individuals are linked to Bureau 313, a division under the Workers’ Party of Korea’s Machine-Building Industry Department. It oversees North Korea’s weapons and ballistic missile programs.The South Korean Ministry of Foreign Affairs said that North Korean IT operatives disguise their identities to secure jobs with global companies in regions like China, Russia, Southeast Asia and Africa. These operatives participate in cyberattacks and funnel stolen assets back to Pyongyang. Sanctioned individual Kim Cheol-min infiltrated IT firms in the U.S. and Canada and sent substantial foreign currency to support the North Korean regime, it said. The sanctions also target a North Korean entity responsible for deploying IT personnel abroad and transferring significant funds to bolster the regime’s military efforts.### Digital Assets Council Gets New Exec DirectorU.S. President-elect Donald Trump has [named](https://x.com/BoHines/status/1870951600136806428) former North Carolina congressional candidate Bo Hines as executive director of a to-be-established Presidential Council of Advisers for Digital Assets, set to be headed by venture capitalist David Sacks. Hines is an advocate for blockchain technology and will collaborate with Sacks to develop regulatory frameworks and explore opportunities for integrating digital assets into the economy. Sacks has experience in tech and decentralized finance and is expected to guide the council’s efforts to foster innovation while addressing security and market stability concerns.### Fake Nakamoto Sentenced to A Year in PrisonCraig Wright, an Australian computer scientist who falsely claimed to be Bitcoin’s pseudonymous creator Satoshi Nakamoto, received in British court a sentence of one year in prison for contempt, though the sentence is suspended for two years. The ruling follows Wright’s 900 billion pound intellectual property claim, which sparked the contempt proceedings, [reported](https://www.independent.co.uk/news/uk/crime/craig-wright-bitcoin-court-london-b2667356.html) The Independent. Wright appeared via video link, refusing to disclose his location and confirming plans to appeal, [reported](https://www.theguardian.com/technology/2024/dec/19/craig-wright-man-who-falsely-claimed-to-be-bitcoin-creator-sentenced-for-continuing-to-sue-developers) The Guardian. A judge previously [ruled](/cryptohack-roundup-230m-wazirx-exploit-in-india-a-25805#nakamoto) that Wright was not Satoshi Nakamoto. The Crypto Open Patent Alliance had initially [sued](https://www.opencrypto.org/2024-03-13-12-reasons-why-Craig-Wright-is-not-Satoshi-Nakamoto/) Wright in April to prevent him from asserting copyright claims over the Bitcoin whitepaper and database.### Interpol Issues Red Notice for Hex FounderInterpol has on Finland’s request [issued](https://www.interpol.int/en/How-we-work/Notices/Red-Notices/View-Red-Notices#2024-65212) a red notice for Richard James Schueler, better known as Richard Heart, founder of Hex and PulseChain. The notice signals a valid national arrest warrant and could lead to extradition if Schueler is detained abroad. Finnish authorities accuse him of tax fraud amounting to ‘hundreds of millions of euros’ and assaulting a 16-year-old. Europol’s website, where Schueler is [listed](https://eumostwanted.eu/#/schueler-richard-james) as one of Europe’s most wanted criminals, outlines these allegations, including his failure to file business tax returns over multiple years and the physical assault incident involving severe injuries to the minor.The charges come as Schueler also [faces](https://www.theblock.co/post/312705/sec-pushes-back-against-hex-founder-richard-hearts-efforts-to-dismiss-case) a U.S. Securities and Exchange Commission lawsuit for allegedly selling unregistered securities through his cryptocurrency ventures. Europol added Schueler to its list on Dec. 18, likely coinciding with the Red Notice’s issuance. In response, Schueler [posted](https://x.com/RichardHeartWin/status/1870595078600937882) cryptic comments on social media, claiming optimism about his future and dismissing adversaries as powerless against his projects.  #### [Rashmi Ramesh](https://www.govinfosecurity.com/authors/rashmi-ramesh-i-4224)*Assistant Editor, Global News Desk, ISMG* Ramesh has seven years of experience writing and editing stories on finance, enterprise and consumer technology, and diversity and inclusion. She has previously worked at formerly News Corp-owned TechCircle, business daily The Economic Times and The New Indian Express.[](https://twitter.com/rashmiramesh_) [](https://www.linkedin.com/in/rashmi-ramesh-57061069/) [](mailto:rramesh@ismg.io)  [whitepaper](https://www.govinfosecurity.com/whitepapers/mobile-app-friction-report-crypto-edition-onboarding-w-9716?rf=RAM_Resources)##### [Mobile App Friction Report: Crypto Edition – Onboarding](https://www.govinfosecurity.com/whitepapers/mobile-app-friction-report-crypto-edition-onboarding-w-9716?rf=RAM_Resources) [whitepaper](https://www.govinfosecurity.com/whitepapers/2021-analysis-geographic-trends-in-cryptocurrency-adoption-usage-w-9307?rf=RAM_Resources)##### [2021 Analysis of Geographic Trends in Cryptocurrency Adoption and Usage](https://www.govinfosecurity.com/whitepapers/2021-analysis-geographic-trends-in-cryptocurrency-adoption-usage-w-9307?rf=RAM_Resources) [whitepaper](https://www.govinfosecurity.com/whitepapers/top-cybersecurity-trends-2021-cryptomining-w-7928?rf=RAM_Resources)##### [Top cybersecurity trends 2021: Cryptomining](https://www.govinfosecurity.com/whitepapers/top-cybersecurity-trends-2021-cryptomining-w-7928?rf=RAM_Resources) [whitepaper](https://www.govinfosecurity.com/whitepapers/digital-documentation-authenticity-integrity-w-7895?rf=RAM_Resources)##### [Digital Documentation: Authenticity and Integrity](https://www.govinfosecurity.com/whitepapers/digital-documentation-authenticity-integrity-w-7895?rf=RAM_Resources) [whitepaper](https://www.govinfosecurity.com/whitepapers/building-future-proof-banks-w-5464?rf=RAM_Resources)##### [Building Future-Proof Banks](https://www.govinfosecurity.com/whitepapers/building-future-proof-banks-w-5464?rf=RAM_Resources) [Critical Infrastructure Security](https://www.govinfosecurity.com/critical-infrastructure-security-c-525)##### [US Congress Authorizes $3B to Replace Chinese Telecom Gear](https://www.govinfosecurity.com/us-congress-authorizes-3b-to-replace-chinese-telecom-gear-a-27160) [Geo-Specific](https://www.govinfosecurity.com/geo-specific-c-518)##### [Year In Review: Australia Expands Cyber Regulation](https://www.govinfosecurity.com/year-in-review-australia-expands-cyber-regulation-a-27159) [Blockchain -& Cryptocurrency](https://www.govinfosecurity.com/blockchain-cryptocurrency-c-483)##### [Cryptohack Roundup: FBI Fingers TraderTraitor for $308M Hack](https://www.govinfosecurity.com/cryptohack-roundup-fbi-fingers-tradertraitor-for-308m-hack-a-27158) [Cybercrime](https://www.govinfosecurity.com/cybercrime-c-416)##### [Breach Roundup: Cyberattack Disrupts Japan Airlines](https://www.govinfosecurity.com/breach-roundup-cyberattack-disrupts-japan-airlines-a-27157) [AI-Driven Security Operations](https://www.govinfosecurity.com/ai-driven-security-operations-c-926)##### [Salt Security Tackles API Risks with AI-Powered Innovations](https://www.govinfosecurity.com/salt-security-tackles-api-risks-ai-powered-innovations-a-27141)[Overview](https://www.govinfosecurity.com/webinars/risk-management-framework-learn-from-nist-w-255) * Twitter* Facebook* LinkedIn* * * From heightened risks to increased regulations, senior leaders at all levels are pressured to improve their organizations’ risk management capabilities. But no one is showing them how – until now.Learn the fundamentals of developing a risk management program from the man who wrote the book on the topic: Ron Ross, computer scientist for the National Institute of Standards and Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37 – the bible of risk assessment and management – will share his unique insights on how to:* Understand the current cyber threats to all public and private sector organizations;* Develop a multi-tiered risk management approach built upon governance, processes and information systems;* Implement NIST’s risk management framework, from defining risks to selecting, implementing and monitoring information security controls.Presented By———— [Presented By](/authors/ron-ross-i-558)—————————————#### [Ron Ross](/authors/ron-ross-i-558)*Sr. Computer Scientist -& Information Security Researcher, National Institute of Standards and Technology (NIST)*

Related Tags:
NAICS: 48 – Transportation

NAICS: 921 – Executive

Legislative

Other General Government Support

NAICS: 54 – Professional

Scientific

Technical Services

NAICS: 81 – Other Services (except Public Administration)

NAICS: 541 – Professional

Scientific

Technical Services

NAICS: 52 – Finance And Insurance

NAICS: 92 – Public Administration

NAICS: 922 – Justice

Public Order

Safety Activities

NAICS: 522 – Credit Intermediation And Related Activities

Associated Indicators: