North Korea’s ‘Bureau 121’ Has an Army of 6000 Hackers

Published at: Aug. 19, 2020

A report unveiled by the U.S. Army reveals that North Korea now has more than 6,000 hackers stationed in countries such as Belarus, China, India, Malaysia, Russia, among others.

The operations of four sub divisions are overseen by Bureau 121, the cyber warfare guidance unit of the hermit nation.

The report, named North Korean Tactics, suggests the hackers do not exclusively launch cyberattacks from North Korea itself, as the country lacks the IT infrastructure to deploy the massive campaigns.

Financial crimes division

The “financial crime division” called the Bluenoroff Group has around 1,700 members and is dedicated to crypto crimes “by concentrating on long-term assessment and exploiting enemy network vulnerabilities."

The most famous outfit, the Lazarus Group, has conducted numerous high profile cryptocurrency exchanges hacks and unleashed the WannaCry malware between 2016 and 2017. It was also behind the infamous Sony Pictures hack.

Its mission is to “create social chaos by weaponizing enemy network vulnerabilities and delivering a payload if directed to do so by the regime.” However, the U.S. Army was unable to estimate how many hackers are in the division.

In March, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two Chinese nationals accused of laundering cryptocurrency that was stolen in a 2018 crypto exchange hack linked to the Lazarus Group. OFAC accused Yinyin Tian and Juiadong Li of assisting “a malicious cyber-enabled activity.”

According to the latest reports, the North Korea-based cybercriminals are suspected to be using untraceable privacy coins to convert stolen funds into cash.

Tags
Related Posts
US Treasury Sanctions North Korean Hacker Groups for Cyber Attacks
The United States Treasury Department announced further sanctions against three North Korean state-sponsored hacker groups, responsible for “North Korea’s malicious cyber activity on critical infrastructure.” Continue to enforce existing U.S. and U.N. sanctions against North Korea On Sept. 13, the U.S. Department of Treasury announced sanctions against North Korean hacking groups, more specifically the renowned Lazarus group, and two lesser-known entities, Bluenoroff and Andariel. Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence said: “Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs. [...] We will …
United States / Sept. 13, 2019
Digital intelligence must overcome challenges to solving crypto crimes
While the value of cryptocurrencies has varied wildly in the last year, this has not diminished crypto’s attractiveness to criminals. Many of them are moving their illegal activities underground and outside the view of law enforcement. Because of the public nature of most blockchains, however, this rapid movement shouldn’t be a major concern to law enforcement agencies. With the right tools and training, following the proceeds of crypto-enabled crime is actually not as difficult as it may seem. However, intelligence agencies must have a cryptocurrency investigation plan that includes the right tools to lawfully collect digital evidence and the properly …
Technology / Aug. 20, 2021
21-Year-Old Jailed for 10 Years After Stealing $7.5M in Crypto By Hacking Cell Phones
A 21-year-old man has been sentenced to 10 years in prison after becoming one of the first people in the United States to be convicted of stealing cryptocurrency by hacking into cell phones. Prosecutors in Santa Clara announced the jail sentence on April 22. In February, Joel Ortiz had pleaded guilty and to theft and accepted the 10-year plea deal. Ortiz stole more than $7.5 million from at least 40 victims: the press release notes that he then spent $10,000 a time at Los Angeles nightclubs, hired a helicopter to fly him and his friends to a music festival, and …
Blockchain / April 23, 2019
UN Panel Says North Korea Obtained $670 Million in Crypto and Fiat via Hacking: Report
North Korea has reportedly amassed $670 million in fiat and cryptocurrencies by conducting hacking attacks, Asia-focused financial newspaper Nikkei Asian Review reports on Friday, March 8. The publication cites a U.N. Security Council report. The report, prepared by a panel of experts, was presented to the Security Council's North Korea sanctions committee ahead of its annual report. According to the documents obtained by Nikkei, the hackers attacked overseas financial institutions from 2015 to 2018 and purportedly used blockchain “to cover their tracks.” As cited by Nikkei, the report states that the attack were allegedly conducted by a specialized corps within …
Blockchain / March 8, 2019
PwC: Bitcoin Ransomware Hackers Laundered Money via WEX Exchange
Big Four consulting and auditing company PwC has linked Iranian nationals behind Bitcoin (BTC) ransomware scheme SamSam to the crypto exchange WEX in a recent report published in February. The report is based on information that was previously disclosed by the United States Department of Justice (DoJ). As per the DOJ, two Iranians — Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri — were responsible for creating SamSam. SamSam is a ransomware demanding Bitcoin that reportedly damaged multiple U.S. companies, government agencies, universities, and hospitals. Within 34 months the hackers managed to extort over $6 million in Bitcoin and cause …
United States / March 4, 2019