Financial Crime World

North Korean Hackers Steal Record-Breaking Amount in Virtual Currency, US Imposes Sanctions

===============

Shocking Revelation: $630 Million to Over $1 Billion Stolen in 2022

In a stunning revelation, it has been reported that North Korean hackers stole an estimated $630 million to over $1 billion in virtual currency in 2022. This alarming trend marks a significant increase from the previous year’s cybertheft proceeds and has prompted the US Department of Treasury to take action.

Sanctions Imposed on Four Entities and One Individual

The US Department of Treasury has imposed sanctions on four entities and one individual involved in illicit revenue generation and malicious online activities to fund the Democratic People’s Republic of Korea (DPRK). The sanctioned entities include:

  • Pyongyang University of Automation: A premier cybersecurity instruction institution responsible for training malicious cybersecurity actors.
  • Technical Reconnaissance Bureau: A unit subordinate to the Reconnaissance General Bureau (RGB) that conducts malicious cybersecurity activities.
  • 110th Research Center: A cybersecurity unit responsible for conducting campaigns such as DarkSeoul, which destroyed thousands of financial sector systems.
  • Chinyong Information Technology Cooperation Company: Associated with the UN and US-sanctioned Ministry of Peoples’ Armed Forces and employs delegations of DPRK IT workers in Russia and Laos.
  • Kim Sang Man: A North Korean national presumed to be involved in the payment of salaries to family members of Chinyong’s overseas worker delegations.

The Reconnaissance General Bureau (RGB)

The RGB, designated by the US Department of Treasury on January 2, 2015, is North Korea’s primary intelligence bureau and main entity responsible for the country’s malicious cybersecurity activities. The Technical Reconnaissance Bureau and its subordinate cybersecurity unit, the 110th Research Center, have also been sanctioned.

Threats to International Security

The DPRK’s illicit cybersecurity and IT worker operations threaten international security by financing the regime and its dangerous activities, including its unlawful weapons of mass destruction (WMD) and missile programs. The US Department of Treasury emphasized that it will continue to hold the DPRK regime responsible for its actions.

Coordination with South Korea

The latest move comes as South Korea is concurrently imposing sanctions against one entity and one individual associated with overseas DPRK IT workers. The action has been taken in coordination with South Korea, which recently designated three entities for engaging in cyberattack operations and illicit revenue generation that support the DPRK’s WMD programs.

Conclusion

This significant development highlights the need for continued vigilance and cooperation between nations to combat malicious cybersecurity activities and prevent the funding of dangerous regimes. The US Department of Treasury’s sanctions aim to curb the DPRK’s malicious activities, including its cyberattacks against networks worldwide, and hold the regime accountable for its actions.