DOJ charges North Korean programmers over hacking scheme to steal $1.3B

  • DOJ charges North Korean programmers over hacking scheme to steal $1.3B

DOJ charges North Korean programmers over hacking scheme to steal $1.3B

In addition to the earlier charges, the three allegedly operated out of North Korea, Russia and China to hack computers using spearfishing techniques, and to promote cryptocurrency applications loaded with malicious software that allowed them to empty victims' crypto wallets.

Alaumary helped arrange for money to be removed from ATMs hacked by the North Korean operation.

The group, which earned a place in the USA government's sanctions list in 2019, has been linked into a wide array of criminal cyber activities, both in the US and overseas, including the destructive WannaCry ransomware outbreak of 2017, the SWIFT attacks on banks and ATM networks to steal more than $1.2 billion, conducting spear-phishing campaigns, and carrying out cryptocurrency thefts amounting to at least $112 million.

In an indictment unsealed Wednesday, a federal grand jury in Los Angeles charged that Jon Chang Hyok, Kim Il and Park Jin Hyok attacked banks, entertainment companies, online casinos, defense contractors, energy utilities and others in the U.S., Bangladesh, Mexico, Indonesia, Britain, Vietnam, Pakistan and other countries.

Park was previously charged in 2018 in connection with the WannaCry and Sony Pictures attacks.

Their hacking campaign allowed them to steal hundreds of millions of United States dollars, for instance, getting away with roughly $140 million by breaching Bangladesh Bank [1, 2], Banco de Chile, and the Far Eastern International Bank of Taiwan.

Among the hacks they are accused of was one aimed at Sony Pictures Entertainment in 2014 over the Hollywood movie "The Interview", which made fun of the regime.

The department charges that the group either stole or attempted to steal a total of more than 1.3 billion dollars of money and cryptocurrency, including the theft of 81 million dollars from a bank in Bangladesh in 2016.

The men are also accused of being part of the Wannacry cyber-attack of 2017, which crippled United Kingdom health service computer systems on a national scale.

The three are accused of developing several malicious cryptocurrency applications, which provided them a back door into victims' computers.

Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 million in a 2018 ATM cash out scheme targeting a Pakistani bank; and a total of $112 million in virtual currencies stolen between 2017 and 2020 from cryptocurrency companies in Slovenia, Indonesia and NY.

Marine Chain Token and Initial Coin Offering: Development and marketing in 2017 and 2018 of the Marine Chain Token to enable investors to purchase fractional ownership interests in marine shipping vessels, supported by a blockchain, which would allow the DPRK to secretly obtain funds from investors, control interests in marine shipping vessels, and evade USA sanctions.

But today's indictments expanded the range of crimes attributed to Park and his alleged co-conspirators, including cryptocurrency thefts, phony cryptocurrency investment schemes and apps, and efforts to launder the proceeds of their crimes. "And they are the only way in which the Department speaks".

Nevertheless, the Justice Department says the indictment is a way to rally the world against North Korea's computer hacking.

Federal Bureau of Investigation (FBI), among other agencies, investigated the cryptocurrencies stolen by the Lazarus Group.