-1280x720.jpg)
-1280x720.jpg?v=1)
Join our daily newsletter At The Bell to receive exclusive market insights
- The U.S. Department of Justice (DoJ) has charged three North Korean military hackers for stealing nearly $2 billion worth of money and cryptocurrency
- The hackers are said to be members of the Reconnaissance General Bureau — an intelligence agency of the North Korean military known for engaging in criminal hacking
- Among other charges, the men have been indicted for launching cyberattacks against U.S. entertainment companies, hacking into and robbing a string of banks across Asia, North America and Africa, and creating and deploying ransomware
- General John C. Demers, the Assistant Attorney of the DoJ’s National Security Division, said the hackers are the “world’s leading bank robbers”
- While the exact figure is unknown, it’s predicted the men stole a total of US$1.3 billion (roughly A$1.7 billion) in money and cryptocurrency
- Meanwhile, an Ontario man has separately pleaded guilty to laundering some of the hackers’ money
The U.S. Department of Justice (DoJ) has charged three North Korean military hackers for stealing nearly $2 billion worth of money and cryptocurrency.
Labelled as the “world’s leading bank robbers”, Jon Chang Hyok, 31, Kim Il, 27, and Park Jin Hyok, 36, have been indicted by the United States’ Justice Department.
The charges include a string of online bank heists, cyberattacks on the entertainment industry, extortion-based computer virus creation, cryptocurrency theft, and more across Asia, North America and Africa.
It’s estimated the Korean hackers stole around US$1.3 billion (roughly A$1.7 billion) in money and cryptocurrency.
The three men are said to be members of the Reconnaissance General Bureau (RGB) — an intelligence agency of the North Korean military known for engaging in criminal hacking.
“As laid out in today’s indictment, North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” General John C. Demers, the Assistant Attorney of the DoJ’s National Security Division, said.
Acting U.S. Attorney for the Central District of California Tracy Wilkinson said the scope of the hackers’ criminal conduct was “extensive and long-running”, and the range of crimes committed is “staggering”.
“The conduct detailed in the indictment are the acts of a criminal nation-state that has stopped at nothing to exact revenge and obtain money to prop up its regime,” she said.
The crimes are spread out from 2014 through to 2020 and did not only originate from North Korea; the DoJ said RGB unit members were at times stationed in their home country and at other times in Russia and China.
Entertainment industry attacks
Some of the cyberattacks occurred against Sony Pictures Entertainment in November 2014 in what the DoJ said was retaliation for Sony’s film “The Interview”, a comedy depicting the fictional assassination of North Korea’s leader, Kim Jong Un.
North Korean hackers also targetted AMC Theatres, which was scheduled to screen the film, and other studios producing material involving North Korea.
At the time, hackers allegedly left chilling messages threatening to attack U.S. cinemas screening The Interview, including direct references to the September 11 attacks.
The hackers also released a trove of private Sony company data, including social security numbers, salary details and emails that were supposed to be secure.
Sony’s film ended up being cancelled in theatres but is still available for viewing online.
Online bank robbery
The three hackers have also been charged with involvement in a string of cyber heists from banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta and Africa.
Allegedly, the North Korean programmers hacked into the banks’ computer networks and sent fraudulent messages claiming to be from the Society for Worldwide Interbank Financial Telecommunications (SWIFT).
SWIFT is a global network designed to help banks make secure and reliable payments to other financial institutions across the world.
The cyberattacks, which occurred from 2015 through to 2019, targetted US$1.2 billion (around A$1.55 billion) from the international banks, though exactly how much was stolen is uncertain given some of the thefts were either stopped or reversed.
On top of this, the DoJ has charged the hackers with creating malicious fake cryptocurrency applications that give them access to the victims’ computers and stealing tens of millions of dollars’ worth of cryptocurrency from various companies around the world.
Ransomware creation and deployment
The Justice Department has pinned the blame on these same North Korean hackers for creating the WannaCry 2.0 ransomware in May 2017, which hit Britain’s National Health Service soon after its release.
Ransomware is a type of computer virus that seizes control of a user’s device and keeps all files locked away and encrypted unless the victim pays the hackers a certain amount of money by a deadline; if the deadline is missed, the computer is wiped clean and the information is gone forever.
Typically, hackers make good on their word and release all of the encrypted files once the payment has been made so future victims know they can recover their information if they pay up.
The North Korean hackers have been indicted in several other cybercrimes, while an Ontario man has separately pleaded guilty to laundering some of the hackers’ money.
