FBI Unveils Extensive North Korean Hacking Operation
The Federal Bureau of Investigation (FBI) has uncovered a multi-year hacking operation by North Korea’s Reconnaissance General Bureau (RGB), revealing a sophisticated scheme to steal sensitive data, extort victims, and launder millions of dollars.
The Indictment
In December 2020, an indictment was filed against three defendants: Jon, Kim, and Park. These individuals were members of units stationed in China and Russia who worked together to target hundreds of cryptocurrency companies, stealing tens of millions of dollars’ worth of digital currency.
Malicious Cryptocurrency Applications
Between March 2018 and September 2020, the hackers created multiple malicious cryptocurrency applications, including:
- Celas Trade Pro
- WorldBit-Bot
- iCryptoFx
- Union Crypto Trader
- Kupay Wallet
- CoinGo Trade
- Dorusio
- CryptoNeuro Trader
- Ants2Whale
These apps provided a backdoor into the victims’ computers, allowing the hackers to steal sensitive data and deploy ransomware.
Targeted Victims
The indictment alleges that the North Korean government-backed group targeted:
- United States cleared defense contractors
- Energy companies
- Aerospace companies
- Technology companies
- The U.S. Department of State
- The U.S. Department of Defense
Through spear-phishing campaigns between March 2016 and February 2020, the hackers attempted to compromise these organizations.
Marine Chain Token
The hackers also developed and marketed the Marine Chain Token in 2017 and 2018. This blockchain-based platform allowed investors to purchase fractional ownership interests in marine shipping vessels. However, the scheme was designed to secretly obtain funds from investors, control interests in marine shipping vessels, and evade U.S. sanctions.
Money Laundering
The FBI also unsealed charges against Ghaleb Alaumary, a 37-year-old Canadian national who acted as a money launderer for the North Korean conspiracy. He agreed to plead guilty to one count of conspiracy to commit money laundering, which carries a maximum sentence of 20 years in prison.
Investigation and Recovery
As part of the investigation, the FBI seized cryptocurrency stolen from a victim company in New York, totaling approximately $1.9 million. This recovered cryptocurrency will be returned to the victim.
The charges against Jon, Kim, and Park carry a maximum sentence of:
- 30 years in prison for conspiracy to commit wire fraud and bank fraud
- 5 years in prison for conspiracy to commit computer fraud and abuse
Prosecution and Cooperation
The case is being prosecuted by Assistant U.S. Attorneys Anil J. Antony and Khaldoun Shobaki, with substantial assistance from the Department of Justice National Security Division’s Counterintelligence and Export Control Section. The investigation involved cooperation from numerous victims and foreign authorities around the world.