North Korean hackers accused of stealing millions of dollars are arrested

The US Department of Justice (DOJ) released a report about the filing of charges against three North Korean citizens accused of stealing more than $1.3 billion USD in cash and cryptocurrency after attacking the networks of banks, entertainment companies, cryptocurrency exchange platforms, and other organizations. These individuals are hackers trained by the North Korean government and belong to the General Recognition Bureau (RGB), a North Korean military agency that also participates in malicious hacking campaigns.

Jon Chang Hyok, Kim Il, and Park Jin Hyok were accused of planning a complex conspiracy to carry out hacking and electronic fraud tasks on behalf of the North Korean government.

The authorities claim that these hackers participated in all kinds of criminal campaigns to deploy devastating cyberattacks and extort multiple organizations, an activity that represented millions of dollars in illicit profits, and that they sought anonymity by using a blockchain platform.

RGB (also identified as APT38, Lazarus Group or Hidden Cobra) has participated in other relevant hacking incidents, including the cyberattack targeting Sony Pictures a few years ago and attacks on multiple banks globally that generated millions of dollars in profits. In addition to these attacks, other well-known and documented practices related to this group include:

  • Deployment of ransomware attacks
  • Jackpotting attacks
  • Development and distribution of malicious mobile apps related to cryptocurrencies
  • Attacks on virtual asset exchange platforms

The DOJ argues that the main goal of these hacking groups is to promote the political and economic interests of the government of the Democratic People’s Republic of Korea and its ruler, Kim Jong Un, as well as to cause severe damage to the information systems of strategic organizations around the world and to steal confidential information.

On the basis of these allegations, Assistant Secretary of Justice John C. Demers said: “Criminal charges brought against these individuals are exceptionally credible, we can prove each of the charges charged are the mere use of unclassified admissible evidence; the DOJ has never expressed in any other way about criminal conduct.” So far the sentence faced by these three individuals is unknown, although it is estimated that they could face up to 30 years in prison.

Moreover, the United Nations (UN) estimates that, during 2019, losses from North Korea-linked hacking incidents reached $2 billion USD through a total of 35 cyberattacks against some of the world’s largest banks and cryptocurrency exchange platforms, a figure that significantly surpasses the 2018 losses, estimated at $570 million USD.