The U.S. Justice Department indicted three North Korean military intelligence officials, members of the Lazarus APT group, for their involvement in cyber-attacks, including the theft of $1.3 billion in money and crypto-currency from organizations around the globe.
The indictment unsealed today charges two North Korean officials, Jon Chang Hyok (31), and Kim Il (27), and expands the charges initially brought against Park Jin-hyok in 2018 by the DoJ.
“A federal indictment unsealed today charges three North Korean computer programmers with participating in a wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks, to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies, to create and deploy multiple malicious cryptocurrency applications, and to develop and fraudulently market a blockchain platform.” reads the press release published by the DoJ.
The officials are accused to have conducted multiple hacking campaigns against organizations in the United States and abroad, including:
Assistant Attorney General John Demers defined the three hackers and the Lazarus Group as “the world’s leading bank robbers” and “a criminal syndicate with a flag.”
The DOJ also charged a Canadian national named Ghaleb Alaumary for helping the Lazarus Group in money laundering the illegal funds obtained through its activities.
“Federal prosecutors today also unsealed a charge against Ghaleb Alaumary, 37, of Mississauga, Ontario, Canada, for his role as a money launderer for the North Korean conspiracy, among other criminal schemes. Alaumary agreed to plead guilty to the charge, which was filed in the U.S. District Court in Los Angeles on Nov. 17, 2020.” continues the press release.
“Alaumary was a prolific money launderer for hackers engaged in ATM cash-out schemes, cyber-enabled bank heists, business email compromise (BEC) schemes, and other online fraud schemes.”
The man operated a network of money launderers in the US and Canada that relayed the illegal funds to other accounts under the control of North Korean hackers.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Lazarus)