The United States federal authorities announced on Wednesday the indictment of three North Korean computer hackers for conspiring and conducting cyberattacks, thus stealing more than $1.3 billion in fiat and cryptocurrencies from financial institutions and companies.
The three programmers, 31-year-old Jon Chang Hyok, 27-year-old Kim Il and Park Jin Hyok, 37-year-old, are believed to members of North Korea’s notorious intelligence agency, Reconnaissance General Bureau (RGB).
The indictment filed with the District Court in Los Angeles accused the programmers of creating and deploying ‘multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform’.
Interestingly, one of the accused, Park was earlier charged in a criminal complaint, which was unsealed in September 2018.
RGB-sponsored hacking groups like Lazarus and Advanced Persistent Threat 38 (APT38) were infamous for coordinated cyberattacks around the globe. The three programmers were part of a larger conspiracy, which was undertaking cyberattacks in the United States and abroad.
‘Keyboards Rather Than Guns’
Employees of the US Defense Department and the State Department, defense contractors and workers of key sectors like energy, aerospace and tech were targeted by these hackers in ‘spear-phishing campaigns’ from 2016 through to early 2020.
Additionally, they took control over bank ATMs and stole from banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta and Africa by hacking into the computer network and sending fraudulent SWIFT messages.
These hackers further created the WannaCry 2.0 ransomware and tried to extort large sums from several companies.
“As laid out in today’s indictment, North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” said Assistant Attorney General, John Demers of the justice department’s national security division.
In addition to the three North Korean programmers, the authorities charged Ghaleb Alaumary, who already pled guilty to laundering money for North Korean cyberattack conspirators. He organized teams to launder the ill-gotten millions of dollars in the United States and Canada.
The involvement of North Korea in cybercrimes has been known for a while. In a recent report, the United Nations pointed out the regime’s role in attacking cryptocurrency exchanges for years. The concerning part is these funds are being used for the state’s weapons program.
Chainalysis, a New York-based blockchain analytics firm, estimated that Lazarus siphoned more than $1.75 billion worth of cryptocurrencies from exchanges in 2018 and 2019.
“The scope of the criminal conduct by the North Korean hackers was extensive and long-running, and the range of crimes they have committed is staggering,” Tracy Wilkinson, the acting US Attorney for the central district of California, said.