In April 2020, the U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation released a joint advisory that is warning organizations worldwide about the ‘significant cyber threat’ posed by the North Korean nation-state actors to the global banking and financial institutions.
At the time, the U.S. government also offered a monetary reward of up to $5 million to anyone who can provide ‘information about the activities carried out by North Korea-linked APT groups. The authorities will also pay for information about past hacking campaigns.
Now the U.S. State Department increased the rewards to $10 million.
“Rewards for Justice is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).” reads the announcement published by Rewards for Justice.
People that have information on any individuals associated with the North Korea-linked APT groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who are involved in targeting U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act, may be eligible for a reward.
Rewards for Justice has set up a Dark Web site (he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion) to allow anyone with information on foreign malicious cyber activity against the US to provide them via a secure channel:
(SecurityAffairs – hacking, North Korea)