POST Online Media Lite Edition



 

Three North Korean military hackers indicted in cyberattacks, financial crimes

Christian Fernsby |
A federal indictment unsealed today charges three North Korean computer programmers with participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform.

Article continues below



Topics: NORTH KOREA   

A second case unsealed today revealed that a Canadian-American citizen has agreed to plead guilty in a money laundering scheme and admitted to being a high-level money launderer for multiple criminal schemes, including ATM “cash-out” operations and a cyber-enabled bank heist orchestrated by North Korean hackers.

“As laid out in today’s indictment, North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” said Assistant Attorney General John C. Demers of the Justice Department’s National Security Division.

“The Department will continue to confront malicious nation state cyber activity with our unique tools and work with our fellow agencies and the family of norms abiding nations to do the same.”

“Today's unsealed indictment expands upon the FBI’s 2018 charges for the unprecedented cyberattacks conducted by the North Korean regime,” said the FBI Deputy Director Paul Abbate. “The ongoing targeting, compromise, and cyber-enabled theft by North Korea from global victims was met with the outstanding, persistent investigative efforts of the FBI in close collaboration with U.S. and foreign partners. By arresting facilitators, seizing funds, and charging those responsible for the hacking conspiracy, the FBI continues to impose consequences and hold North Korea accountable for its/their criminal cyber activity."

“The scope of the criminal conduct by the North Korean hackers was extensive and long-running, and the range of crimes they have committed is staggering,” said Acting U.S. Attorney Tracy L. Wilkison for the Central District of California. “The conduct detailed in the indictment are the acts of a criminal nation-state that has stopped at nothing to extract revenge and obtain money to prop up its regime.”

“This case is a particularly striking example of the growing alliance between officials within some national governments and highly sophisticated cyber-criminals,” said U.S. Secret Service Assistant Director Michael R. D’Ambrosio.

“The individuals indicted today committed a truly unprecedented range of financial and cyber-crimes: from ransomware attacks and phishing campaigns, to digital bank heists and sophisticated money laundering operations.

"With victims strewn across the globe, this case shows yet again that the challenge of cybercrime is, and will continue to be, a struggle that can only be won through partnerships, perseverance, and a relentless focus on holding criminals accountable.”

The hacking indictment filed in the U.S. District Court in Los Angeles alleges that Jon Chang Hyok; Kim Il; and Park Jin Hyok were members of units of the Reconnaissance General Bureau (RGB), a military intelligence agency of the Democratic People’s Republic of Korea (DPRK), which engaged in criminal hacking.

These North Korean military hacking units are known by multiple names in the cybersecurity community, including Lazarus Group and Advanced Persistent Threat 38 (APT38). Park was previously charged in a criminal complaint unsealed in September 2018.

The indictment alleges a broad array of criminal cyber activities undertaken by the conspiracy, in the United States and abroad, for revenge or financial gain. The schemes alleged include:

Cyberattacks on the Entertainment Industry: The destructive cyberattack on Sony Pictures Entertainment in November 2014 in retaliation for “The Interview,” a movie that depicted a fictional assassination of the DPRK’s leader; the December 2014 targeting of AMC Theatres, which was scheduled to show the film; and a 2015 intrusion into Mammoth Screen, which was producing a fictional series involving a British nuclear scientist taken prisoner in DPRK.

Cyber-Enabled Heists from Banks: Attempts from 2015 through 2019 to steal more than $1.2 billion from banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta, and Africa by hacking the banks’ computer networks and sending fraudulent Society for Worldwide Interbank Financial Telecommunication (SWIFT) messages.

Cyber-Enabled ATM Cash-Out Thefts: Thefts through ATM cash-out schemes – referred to by the U.S. government as “FASTCash” – including the October 2018 theft of $6.1 million from BankIslami Pakistan Limited (BankIslami).

Ransomware and Cyber-Enabled Extortion: Creation of the destructive WannaCry 2.0 ransomware in May 2017, and the extortion and attempted extortion of victim companies from 2017 through 2020 involving the theft of sensitive data and deployment of other ransomware.

Creation and Deployment of Malicious Cryptocurrency Applications: Development of multiple malicious cryptocurrency applications from March 2018 through at least September 2020 – including Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader, and Ants2Whale – which would provide the North Korean hackers a backdoor into the victims’ computers.

Targeting of Cryptocurrency Companies and Theft of Cryptocurrency: Targeting of hundreds of cryptocurrency companies and the theft of tens of millions of dollars’ worth of cryptocurrency, including $75 million from a Slovenian cryptocurrency company in December 2017; $24.9 million from an Indonesian cryptocurrency company in September 2018; and $11.8 million from a financial services company in New York in August 2020 in which the hackers used the malicious CryptoNeuro Trader application as a backdoor.

Spear-Phishing Campaigns: Multiple spear-phishing campaigns from March 2016 through February 2020 that targeted employees of United States cleared defense contractors, energy companies, aerospace companies, technology companies, the U.S.Department of State, and the U.S. Department of Defense.

Marine Chain Token and Initial Coin Offering: Development and marketing in 2017 and 2018 of the Marine Chain Token to enable investors to purchase fractional ownership interests in marine shipping vessels, supported by a blockchain, which would allow the DPRK to secretly obtain funds from investors, control interests in marine shipping vessels, and evade U.S. sanctions.


What to read next

Korean Air fined $1.2 million for unfair deals with affiliates
Three Ukrainians arrested for hacking over 100 U.S. companies
Russian hacker who helped in attacks on American companies sentenced to 12 years in prison

Fiona batters Atlantic Canada with destructive winds, sets records

 
Post-tropical cyclone Fiona made landfall in eastern Nova Scotia Saturday morning.
 
 

Latest

Noritake tableware, to pass down to the new generation as an heirloom
Toyota closes its production facility in Russia
South Korea lifts mask wearing restrictions from Monday
SEC charges Compass Minerals for misleading investors about its operations at world’s largest underground salt mine

NEWS

Typhoon lashes central Japan killing two

Children in Sudan in middle of perfect storm of crises
Poland: Four persons offering GetBack bonds detained by CBA
Ecuadorian police seize 3.5 tons of cocaine
6.4 magnitude quake jolts western Indonesia
U.S.: Fiona producing life-threatening surf and rip currents to east coast
 

BUSINESS

Work to begin on Swiss backup power plant

Number of active U.S. drilling rigs up this week
ScotRail workers to strike over pay
South Korea attracts $1.15 bn investment from U.S.
UK's Trades Union Congress: Tax cuts helps corporations and wealthy
Six ships left Ukrainian ports carrying grain, other food products
 

Trending Now

Philippines in talks to buy Russian fuel

ScotRail workers to strike over pay

Fiona batters Atlantic Canada with destructive winds, sets records

Noritake tableware, to pass down to the new generation as an heirloom


POLITICS

Families in British Columbia will save big as child care fees cut as much as $550 more per month

North Dakota Governor announces apprenticeship program at tribal colleges in partnership with energy companies
Scotland: UK Chancellor’s measures fail to target support
Philippines in talks to buy Russian fuel
Ireland launches solar panel grant scheme for businesses
New Jersey Governor increasing offshore wind goal to 11,000 MW by 2040
 

Today We Recommend

Children in Sudan in middle of perfect storm of crises


Highlights 

Enabled Intelligence to create 117 new jobs in Fairfax County, Virginia

Pangiam will create 201 new jobs in Fairfax County, Virginia

Target to hire 100,000 holiday workers


COMPANIES

Hopium chooses Normandy for its first industrial site

Vianode invests $188 million in battery materials plant in Norway
Adnoc and Taqa close $3.8 billion contract for Lightning project
Snow Lake Lithium and LG Energy Solution to establish lithium supply chain in North America
Ford breaks ground on $5.6 billion complex for EVs, batteries
Barrows Hotel Enterprises closes 110-million-dollar Hotel Advisory Deal for Zambia
 

CAREERS

Paul Boudre appointed chairman of UnitySC

Serge Lupas appointed as CEO of Cyclomedia
Tidewater Renewables appoints Ray Kwan as CFO
JBS USA names Jason Weller chief sustainability officer
Orange County Bancorp appoints Marianna R. Kennedy to board
Ecobat appoints new chief financial officer
 

ECONOMY

Germany's manufacturing activity at 27-month low

UK private sector falls at fastest pace since January 2021
Unemployment rates drop in every county across Tennessee
U.S. Leading Economic Index fell in August
Egypt keeps interest rates unchanged
U.S. mortgage rates highest since 2008
 

EARNINGS

Costco Q4 net sales increased 15.2 percent

FedEx Q1 profit down
Accenture Q4 revenues increased 15%
Darden Restaurants Q1 income drops
KB Home Q3 profit rises
H.B. Fuller Q3 profit rises
 

OP-ED

Micromanaging is the worst enemy of efficiency and teamwork

Niger set to monetize massive gas reserves through Saharan natural gas pipeline
Putting the brakes on EV folly that choked the market
Oil discovery in Kavango Basin may mean huge benefits for Namibians
Cape Town and Dubai battle over Africa's energy future
Is America going to lose its superpower status?
 

AGRIFISH

Province supporting made-in-Ontario fertilizer solutions for farmers

Taiwan customs seize Chilean apples due to pesticide levels
Denmark to allow mink breeding again from 2023
New Zealand to take extra measures to target pocket of M. bovis infection
Vietnamese giants invest tens of millions in pig market valued at $15 billion
UWRF and DATCP partner to support Wisconsin meat industry with high school curriculum
 

LEADERSHIP

Cybervetting can have pronounced impact on workforce by broadening discrimination

Female managers pay fairer
Pitch quality of CEO voices rests entirely on gender
Employee turnover costs more than you think
51% of supply chain leaders increased number of network locations
If company overcomes post-IPO innovation slump, it will survive longer
 

CRIME

SEC charges Cheetah Mobile’s CEO and its former president with insider trading

Stockholm bourse fines SAS $175,000 over pilot strike information
Boeing to pay $200 million to settle SEC charges that it misled investors about 737 MAX
Germany: EIB supports vehicle development and international expansion of EVUM Motors
Gol to pay $70 million to settle SEC charges
Akorn to pay $7.9 million for allegedly causing medicare to pay for invalid prescription drugs
 

Magazine

TRAVEL

Anantara Grand Hotel Krasnapolsky Amsterdam opens

Grand festive season in India starts with Navratri
300 artists from 65 nations will participate in Qatar International Art Festival
Hilton Hiroshima hotel opens in Japan
175 room Thompson Madrid hotel opens
Colorfest Balloon Rally in Pagosa Springs, Co., brings a lot of joy
 

SEA, LAND, AIR

Caterham Super Sevens, true joy of ride

New Ford Mustang brings digital cockpit, new engines and style
Ram 1500 Limited Elite Edition joins lineup for 2023
2023 GMC Canyon AT4X, new midsize truck
Shelby Code Red, $210,000+ to upgrade your Ford Mustang
Zero Motorcycles SR/S electric bike, effortless power, effortless control
 

DESIGN

Tecnografica wallcoverings from the land of ceramic

Poliform, kitchens for extraordinary homes
Luxury vinyl tiles, ideal combination of everything
LED lamps, long-lasting light for every space in your home
Clean and luxurious men's watches
Nobody's Child, everybody's favorite
 

GADGETS

Leica S3, made in Germany for great pictures

Sennheiser HD 300 PROtect, pro headphones that protect your ears
HP Dragonfly Folio G3, very very good laptop for business users
Nokia PureBook Fold and PureBook Lite, flexibility and stylish design
Tascam 202MKVII, professional dual cassette deck
Bose Frames Tenor, glasses for music and calls
 

HEALTH

UK: Second vaccine doses to be offered to those at highest risk from monkeypox

White House announces $1.5 billion to prevent opioid overdose deaths
Pfizer applies to Swissmedic for authorisation of second bivalent COVID-19 vaccine
Pfizer, Sangamo Therapeutics in Phase 3 trial of investigational gene therapy for Hemophilia A, reopened recruitment
Merck to initiate new Phase 3 clinical program with lower dose of Islatravir with Doravirine for HIV-1
Brazil invests around $583,000 in research on monkeypox virus
 

MEANTIME

Search for clues may explain collapse of ancient city in Mexico

Astronomers unveil new and puzzling features of mysterious fast radio bursts
Earth-like exoplanets unlikely to be another 'pale blue dot'
New evidence for habitability in ocean of Saturn's moon Enceladus
NASA's Perseverance rover finds strong signal of organic matter on Mars
Sea level rise increasing at faster rate around Aotearoa New Zealand