Security News > 2021 > February > US indicts North Korean hackers for stealing $1.3 billion
The U.S. Department of Justice has charged three North Koreans for stealing $1.3 billion in money and cryptocurrency in attacks on banks, the entertainment industry, cryptocurrency companies, and more.
The defendants are state-sponsored North Korean hackers and members of Reconnaissance General Bureau units, a North Korean military intelligence agency that has engaged in criminal hacking operations.
According to DOJ, the three North Koreans have been "Participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform."
Creation and Deployment of Malicious Cryptocurrency Applications: Development of multiple malicious cryptocurrency applications from March 2018 through at least September 2020 - including Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader, and Ants2Whale - which would provide the North Korean hackers a backdoor into the victims' computers.
Targeting of Cryptocurrency Companies and Theft of Cryptocurrency: Targeting of hundreds of cryptocurrency companies and the theft of tens of millions of dollars' worth of cryptocurrency, including $75 million from a Slovenian cryptocurrency company in December 2017; $24.9 million from an Indonesian cryptocurrency company in September 2018; and $11.8 million from a financial services company in New York in August 2020 in which the hackers used the malicious CryptoNeuro Trader application as a backdoor.
The U.S. Treasury also sanctioned three North Korean hacking groups engaged in funneling stolen financial assets to the North Korean government.
News URL
Related news
- US sanctions Chinese company linked to Flax Typhoon hackers (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
- Treasury hackers also breached US foreign investments review office (source)
- US cracks down on North Korean IT worker army with more sanctions (source)
- US sanctions Chinese firm, hacker behind telecom and Treasury hacks (source)
- Hackers game out infowar against China with the US Navy (source)
- Subaru Starlink flaw let hackers hijack cars in US and Canada (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- Spain arrests suspected hacker of US and Spanish military agencies (source)
- Suspected NATO, UN, US Army hacker arrested in Spain (source)