The groups are behind several hacking operations that resulted in the theft of hundreds of millions of dollars from financial institutions and
According to the Treasury, the three groups “likely” stole $571 million in
Intelligence analysts believe the groups are under the control of the Reconnaissance General Bureau, which is North Korea’s primary intelligence bureau.
“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.
“We will continue to enforce existing US and UN sanctions against North Korea and work with the international community to improve
The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated.
This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.
“According to industry and press reporting, by 2018, Bluenoroff had attempted to steal over $1.1 billion dollars from financial institutions and, according to press reports, had successfully carried out such operations against banks in Bangladesh, India, Mexico, Pakistan, Philippines, South Korea, Taiwan, Turkey, Chile, and Vietnam.” continues the US Treasury.
Andariel carried out cyber attacks against online gambling and poker sites.
The sanctions placed by the US Treasury aim to lock the access to the global financial system and to freeze any assets held under US jurisdiction.
“As a result of today’s action, all property and interests in property of these entities, and of any entities that are owned, directly or indirectly, 50 percent or more
(SecurityAffairs – North Korea, hacking)