Security News > 2021 > February > US names three North Koreans in laundry list of cybercrime charges

US names three North Koreans in laundry list of cybercrime charges
2021-02-18 19:24

The US Department of Justice has just unsealed a lengthy list of cybercrime charges against three North Koreans.

The DOJ explicitly named the three accused men as Jon Chang Hyok, Kim Il, and Park Jin Hyok, alleging them to be part of a North Korean hacking group that you may have heard referred to over the years as APT38 or the Lazarus Group.

The extortion charges cover both types of blackmail that we commonly see in ransomware attacks these days, namely squeezing the victim to "Buy back" the decryption keys to recover any scrambled data, as well as paying "Hush money" so the criminals will delete any copies of company data that they stole during the attack.

The indictment alleges that the accused deliberately targeted defense contractors, energy companies, aerospace companies, technology companies, the US Department of State, and the US Department of Defense.

It's unusual to see a single indictment accusing a small gang of alleged crooks of such a varied list of cybercrimes.

Most of us, or perhaps all of us, will have first hand experience of attempted cybercrime attacks, such as ransomware-infected email attachments, booby-trapped web links and fraudulent investment offers; some of us, sadly, will actually have been victims ourselves, or will know an individual or a company who was.


News URL

https://nakedsecurity.sophos.com/2021/02/18/us-names-three-north-koreans-in-laundry-list-of-cybercrime-charges/