The US charged three North Korean military hackers Wednesday with participating in a sweeping global cyber heist campaign that targeted more than $1.3 billion in money and cryptocurrency.
The Justice Department identified the individuals as Jon Chang Hyok, Kim Il and Park Jin Hyok. All three allegedly belong to a North Korean military unit known in the cybersecurity community as the Lazarus Group and Advanced Persistent Threat 38, according to court documents.
The unit is formally known as North Korea’s Reconnaissance General Bureau, the Justice Department said.
The indictment, filed in US District Court in Los Angeles, alleges that the suspects were intimately involved in hacks going back to attacks on the entertainment industry that began with the 2014 attack on Sony Pictures for its production of a satirical movie that lambasted North Korea’s leader.
They also include years-long cyber heists that targeted banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta and Africa from 2015 to 2019. The plots sought to steal more than $1.2 billion, according to the Justice Department. The dollar amount of what was stolen was not immediately clear.
A separate attack known as an “ATM cash-out” plot resulted in about $6.1 million stolen from Karachi-based BankIslami Pakistan Limited.
"North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading 21st century nation-state bank robbers."https://t.co/gJwLSPan8n— IJR (@TheIJR) February 18, 2021
The team also carried out a range of sophisticated attacks that targeted cryptocurrency companies that resulted in the theft of more than $111 million of cryptocurrency from companies in Slovenia, Indonesia and New York from 2017 to 2020.
“North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading 21st century nation-state bank robbers,” Assistant Attorney General John Demers told reporters on a conference call.
Separately, Ghaleb Alaumary, a 37-year-old US-Canadian dual-citizen has agreed to plead guilty to laundering money for the indicted North Korean hackers.
The Justice Department described him as a “prolific money launderer for hackers engaged in ATM cash-out schemes, cyber-enabled bank heists, business email compromise (BEC) schemes, and other online fraud schemes.”
Alaumary is also being prosecuted for alleged involvement in another scheme by the US Attorney’s Office for the Southern District of Georgia.
Anadolu with additional input by GVS News Desk