The United States Department of Justice has given three North Korean hackers a formal notice that it is believed that they have actively been committing cybercrimes and have been plotting to steal approximately $1.3B from businesses, among many other crimes such as bank thefts and cryptocurrency heists. The three men who appear to be members of a North Korean military intelligence service are accused of developing a wide-ranging scheme to commit cyberattacks and financial crimes worldwide.
According to the indictment papers released by the United States Attorney’s Office of Central District of California, the perpetrators were also close to creating and deploying multiple malicious cryptocurrency applications, as well as developing and operating a fraudulent blockchain platform. Overall, the three men are responsible for some of the most damaging cyberattacks ever.
The indictment is not new but is an expansion of the 2018 case that detailed the attack on Sony Pictures and the creation of the popular WannaCry ransomware. The addition to the already existing case also lists two new defendants and schemes that the hackers developed to steal money and cryptocurrency from high-profile organizations from all over the world, including the USA and Canada.
According to Acting U.S. Attorney Tracy L. Wilkison, the scope of hackers’ criminal conduct was extensive and long-running. Some of the illegal actions listed in the indictment list as far back as 2014 when the hackers, angered by an American political action-comedy film called The Interview, sent threatening communications to Sony Pictures employees and attacked AMC Theatres.
The U.S. attorney also said that the hackers’ actions would not stop at anything to get revenge and steal money that would help North Korea’s dictatorship. He described the crimes as “staggering” as the attacks on Sony and AMC back in 2014 have been just the tip of the iceberg of computer fraud committed by the trio over the last seven years.
The alleged North Korean criminals are Jon Chang Hyok (전창혁), 31; Kim Il (김일), 27; and Park Jin Hyok (박진혁), 36. Even though they are young-aged, the criminals mastered bank and wire fraud schemes, supported the North Korean regime, and stole millions from businesses over the years. There is solid proof that they have actively supported North Korean-backed hacker groups known as Lazarus Group and APT38 (Advanced Persistent Threat 38). They have been operating from various places around the world, including China, Russia, and Singapore.