DOJ Charges North Korean Hackers With $1.3 Billion Crypto, Cash Theft

North Korea hackers

A national cybersecurity investigation lasting more than two years culminated in charges being levied against alleged hackers from North Korea, the U.S. Department of Justice (DOJ) said in a Wednesday (Feb. 17) press release.

Assistant Attorney General John C. Demers announced the indictment of Jon Chang Hyok, Kim Il and Park Jin Hyok for allegedly stealing $1.3 billion in cash and cryptocurrency. The three are still at large. They are wanted for allegedly taking part in cyberattacks against the U.S. as part of the Reconnaissance General Bureau, North Korea’s military intelligence agency. 

“North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers,” the DOJ said, according to the press release.

The trio is thought to be connected or responsible for the theft of roughly $81 million from a Bangladeshi bank, the 2017 WannaCry cyberattack across 150 countries, phishing campaigns against defense and state department employees, and more. They are also thought to have used malicious software to steal over $1.3 billion in cryptocurrency from several organizations.

Known as “Lazarus,” the cyber gang was indicted at the same time charges were levied against Ghaleb Alaumary for reportedly serving as a key money launderer for the North Korean government. Alaumary pleaded guilty to leading a money-laundering organization and is being prosecuted in Georgia. 

The indictment attributes the cybercrime spree to the Democratic People’s Republic of Korea (DPRK), specifically the Reconnaissance General Bureau (RGB), the release indicated. According to the DOJ, the regime used state resources to steal hundreds of millions of dollars.

The DPRK reportedly made off with cryptocurrency from exchanges and other financial institutions, sometimes launching apps with hidden backdoors. 

The U.S. warned in April that there was evidence of cyber threats originating from North Korea. In August, four federal agencies said North Korean hackers tried to make off with almost $2 billion from ATMs in more than three dozen countries.