Security News > 2021 > February > US indicts North Korean hackers for stealing $1.3 billion
The U.S. Department of Justice has charged three North Koreans for stealing $1.3 billion in money and cryptocurrency in attacks on banks, the entertainment industry, cryptocurrency companies, and more.
The defendants are state-sponsored North Korean hackers and members of Reconnaissance General Bureau units, a North Korean military intelligence agency that has engaged in criminal hacking operations.
According to DOJ, the three North Koreans have been "Participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform."
Creation and Deployment of Malicious Cryptocurrency Applications: Development of multiple malicious cryptocurrency applications from March 2018 through at least September 2020 - including Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader, and Ants2Whale - which would provide the North Korean hackers a backdoor into the victims' computers.
Targeting of Cryptocurrency Companies and Theft of Cryptocurrency: Targeting of hundreds of cryptocurrency companies and the theft of tens of millions of dollars' worth of cryptocurrency, including $75 million from a Slovenian cryptocurrency company in December 2017; $24.9 million from an Indonesian cryptocurrency company in September 2018; and $11.8 million from a financial services company in New York in August 2020 in which the hackers used the malicious CryptoNeuro Trader application as a backdoor.
The U.S. Treasury also sanctioned three North Korean hacking groups engaged in funneling stolen financial assets to the North Korean government.
News URL
Related news
- A “cascade” of errors let Chinese hackers into US government inboxes (source)
- US Health Dept warns hospitals of hackers targeting IT help desks (source)
- Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage (source)
- NSA warns of North Korean hackers exploiting weak DMARC email policies (source)
- North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms (source)
- North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign (source)
- US woman allegedly aided North Korean IT workers infiltrate 300 firms (source)
- US exposes scheme enabling North Korean IT workers to bypass sanctions (source)