The Department of Justice has unsealed charges against three alleged North Korean hackers. It accused them of conspiring to carry out a string of cyberattacks and to steal and extort over $1.3 billion in cash and cryptocurrency from businesses and banks. The indictment also claims they conspired to develop and release malicious cryptocurrency apps.
Among other crimes, the alleged hackers are accused of stealing tens of millions of dollars worth of cryptocurrency. According to the indictment, they conducted spear-phishing campaigns against the Department of State and Department of Defense, as well as tech, energy and aerospace companies.
Additionally, officials claim the individuals ran a blockchain scheme that offered prospective investors a stake in marine shipping vessels. The DOJ says that enabled North Korea “to secretly obtain funds from investors, control interests in marine shipping vessels and evade US sanctions.”
Park Jin Hyok, one of the defendants, was previously charged in connection with the 2014 Sony Pictures hack and the 2017 WannaCry ransomware attack. Officials claim that the defendants all work for North Korea’s military intelligence agency, the Reconnaissance General Bureau.
Jon, Kim and Park have each been charged with one count of conspiracy to commit computer fraud and abuse, and one count of conspiracy to commit wire fraud and bank fraud. The DOJ also revealed that a Canadian-American citizen pled guilty to acting as a money launderer for the alleged hackers.
“As laid out in today’s indictment, North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” Assistant Attorney General John C. Demers, of the DOJ’s National Security Division, said in a statement. “The department will continue to confront malicious nation state cyber activity with our unique tools and work with our fellow agencies and the family of norms abiding nations to do the same.”
Federal officials have linked alleged North Korean hackers to other attacks in recent years. In 2018, the FBI and Department of Homeland Security accused a group called Hidden Cobra of infiltrating the worldwide media, aerospace, financial and critical infrastructure industries.