US Treasury Sanctions North Korean Hacker Groups for Cyber Attacks

Published at: Sept. 13, 2019

The United States Treasury Department announced further sanctions against three North Korean state-sponsored hacker groups, responsible for “North Korea’s malicious cyber activity on critical infrastructure.”

Continue to enforce existing U.S. and U.N. sanctions against North Korea

On Sept. 13, the U.S. Department of Treasury announced sanctions against North Korean hacking groups, more specifically the renowned Lazarus group, and two lesser-known entities, Bluenoroff and Andariel. Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence said:

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs. [...] We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.”

North Korea netted $2 billion by hacking banks and crypto exchanges

In August, Cointelegraph reported that the United Nations claimed that North Korea had netted around $2 billion by hacking banks and cryptocurrency exchanges. The U.N. Security Council North Korea Sanctions Committee further stated that hackers formed an essential part of North Korea’s government funding, reporting:

“Democratic People’s Republic of Korea cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for its WMD (weapons of mass destruction) programs, with total proceeds to date estimated at up to two billion US dollars.” 

North Korea denies the U.N.’s accusations

On Sept. 1, Cointelegraph reported that North Korea’s official state media, the Korea Central News Agency (KCNA), denied allegations of massive theft by North Korean agents. The KCNA cited a statement from the National Coordination Committee of the DPRK for Anti-Money Laundering and Countering the Financing of Terrorism that accused the United States and other hostile forces of spreading slanderous rumors. It said:

 

“Such a fabrication by the hostile forces is nothing but a sort of a nasty game aimed at tarnishing the image of our Republic and finding justification for sanctions and pressure campaign against the DPRK.”  

The statement further added that the U.N. is “re-enacting the same old trick as the Hitler fascist propagandists used to cling to.”

Tags
United States
Altcoin
Cryptocurrencies
Hackers
Sanctions
Cybersecurity
Crimes
North Korea
Related Posts
North Korea’s ‘Bureau 121’ Has an Army of 6000 Hackers
A report unveiled by the U.S. Army reveals that North Korea now has more than 6,000 hackers stationed in countries such as Belarus, China, India, Malaysia, Russia, among others. The operations of four sub divisions are overseen by Bureau 121, the cyber warfare guidance unit of the hermit nation. The report, named North Korean Tactics, suggests the hackers do not exclusively launch cyberattacks from North Korea itself, as the country lacks the IT infrastructure to deploy the massive campaigns. Financial crimes division The “financial crime division” called the Bluenoroff Group has around 1,700 members and is dedicated to crypto crimes …
Blockchain / Aug. 19, 2020
Developers Propose Plan to Protect Ethereum Classic Network From Further Attacks
Ethereum Classic (ETC) accelerator Ethereum Classic Labs announced a plan to protect the blockchain from further attacks. On Aug. 19 the organization proposed taking immediate action in implementing long-term changes to the network architecture over the next three to six months. The accelerator decided to focus their efforts on improving the network’s security after recent attacks on the blockchain. The immediate measures proposed by Ethereum Classic Labs include a “defensive mining” cooperation with mining pools and miners to maintain a consistent hashrate and gain the ability to increase it when needed. A higher hashrate would render a 51% attack against …
Altcoin / Aug. 20, 2020
North Korea’s Crypto Extortion Efforts Have Expanded Considerably in 2020
A group of hackers associated with the North Korean regime have kept their crypto extortion efforts alive in 2020. A group of North Korean hackers operating under the name “Lazarus” targeted several crypto exchanges last year, according to a report published by Chainalysis. One of the attacks involved the creation of a fake trading bot which was offered to employees of the DragonEx exchange. Findings show that in March 2019, the hackers stole approximately $7 million in various cryptocurrencies from the Singapore-based exchange. Cybersecurity vendor Cyfirma warned in June about a massive crypto phishing campaign that could be launched by …
Bitcoin / July 28, 2020
North Korean Internet Use Spikes 300% as Regime Turns to Cryptocurrencies
North Korea’s internet use saw a 300% surge over the past three years, as the country’s regime has continued to rely on cryptocurrencies for various activities. Exploitation of crypto and blockchain technology is among the primary tactics for the country to generate revenue as well as transfer and use illicitly obtained funds, a new study says. Titled “How North Korea Revolutionized the Internet as a Tool for Rogue Regimes,” the study was released on Feb. 9 by Insikt Group, an intelligence arm of United States-based cybersecurity firm Recorded Future. The report analyzed North Korean senior leadership’s internet activity between Jan. …
Technology / Feb. 11, 2020
Malware on Official Monero Website Can Steal Crypto: Investigator
The software available for download on Monero’s (XMR) official website was compromised to steal cryptocurrency, according to a Nov. 19 Reddit post published by the coin’s core development team. The command-line interface (CLI) tools available at getmonero.org may have been compromised over the last 24 hours. In the announcement, the team notes that the hash of the binaries available for download did not match the expected hashes. The software was malicious On GitHub, a professional investigator going by the name of Serhack said that the software distributed after the server was compromised is indeed malicious, stating: “I can confirm that …
Altcoin / Nov. 19, 2019