U.S. indicts North Koreans in wave of global cyberattacks

Federal prosecutors on Wednesday announced charges against three North Korean government hackers for allegedly participating in cyber operations including the 2014 Sony Pictures Entertainment hack, the 2017 WannaCry ransomware attack and a range of digital bank heists.

The three men — Jon Chang Hyok, Kim Il and Park Jin Hyok — allegedly worked for North Korea’s Reconnaissance General Bureau on a team known by security researchers as the Lazarus Group or APT 38, one of the regime’s most active units.

“North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” John Demers, the assistant attorney general for national security, said in a statement.

In addition to hacking Sony and banks in Vietnam, Mexico, Taiwan and other countries, the defendants developed malware-laden cryptocurrency apps that would give them access to victims’ computers, according to the newly unsealed indictment.

They also allegedly tried to steal more than $100 million from hundreds of cryptocurrency firms, including an unnamed financial services company in New York.

The indictment also alleges that the hackers sent spearphishing emails to a wide range of U.S. companies and agencies, including defense contractors, energy and aerospace firms, the State Department and the Pentagon.

In a second announcement on Wednesday, the U.S. charged a Canadian man, Ghaleb Alaumary, with helping North Korea launder money stolen through criminal schemes such as those contained in the new indictment. Alaumary already faces separate cybercrime charges in Georgia.

The U.S. previously charged Park for his role in some of North Korea’s most infamous cyber operations in 2018.


About the author


Leave a Comment