North Korean Hackers Added to $1.3 Billion DoJ Charge

Reading Time: 2 minutes
  • Three North Koreans, alleged to be working for the state’s cyberattack unit, have been added to a $1.3 billion hacking case
  • The Department of Justice has expanded the reach of its investigation, which includes the creation of malicious cryptocurrency apps and exchange hacks
  • North Korean hackers are thought to have been behind billions of dollars’ worth of cryptocurrency thefts

Three North Koreans have been added to a wide-ranging $1.3 billion cyberattack scheme that targeted movie studios, banks, companies, and the cryptocurrency industry. The Department of Justice (DoJ) added the three accused North Korean hackers to the case, which was opened in 2018, as well as opening a second case into the state-sponsored operations, labelling the nation as “the world’s leading bank robbers.”

Trio Members of Lazarus Group

The DoJ announced the additional suspects in a press release earlier this week, naming Jon Chang Hyok, 31; Kim Il, 27; and Park Jin Hyok, 36, as members the Reconnaissance General Bureau (RGB), a military intelligence wing of the Democratic People’s Republic of Korea (DPRK). This unit is better known by other names, including Lazarus Group and Advanced Persistent Threat 38 (APT38), and is responsible for multiple cryptocurrency exchange hacks as well as other types of crypto theft.

Jon, Kim, and Park have been charged with conspiracy to commit computer fraud and abuse conspiracy to commit wire fraud and bank fraud, charges which could see them imprisoned for up to 30 years.

North Korean Hackers Created Crypto Apps to Steal Funds

The DoJ case as a whole takes in a wide range of hacking activities, including the hack on Sony Pictures in 2014, the WannaCry malware episode in 2017, and a number of fraudulent cryptocurrency apps that afforded the North Korean hackers a backdoor into victims’ computers. The group also targeted cryptocurrency companies and exchanges, stealing billions of dollars’ worth of cryptocurrency in the process, the most recent of which being the KuCoin hack of last September.