19:47 GMT26 February 2021
Listen Live
    Asia & Pacific
    Get short URL
    by
    2214
    Subscribe

    The United States Justice Department has named three North Koreans - Jon Chang Hyok, Kim Il, and Park Jin Hyok - as wanted for a string of cyberattacks around the world. The hackers allegedly stole US$1.3 billion and crippled the UK’s NHS computers during the 2017 Wannacry incident.

    President Joe Biden's administration has targeted North Korea and claimed it has a special department of hackers who are responsible for a "global campaign of criminality."

    The US Justice Department unveiled an indictment on Wednesday, 17 February, against three North Koreans accused of being part of the secretive Reconnaissance General Bureau (RGB), which is better known among hackers and cybersecurity firms as the Lazarus Group, or APT 38.

    The Americans claim North Korea, struggling under the weight of UN sanctions, launched a series of cyber attacks to steal money and cryptocurrency from financial institutions and individuals around the world using malware.

    Assistant Attorney General John C. Demers said: "North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers."
    Dennis Lavalle holds a ticket and a poster of the film The Interview
    © REUTERS / Kevork Djansezian
    Dennis Lavalle holds a ticket and a poster of the film "The Interview"

    All three of the men it has named - Jon Chang Hyok, 31, Kim Il, 27, and Park Jin Hyok, 36, are believed to be in North Korea but Park was charged in absentia in 2018 with a cyber attack on Sony Entertainment four years earlier. 

    That attack was believed to have been carried out in revenge for Sony funding a Seth Rogen movie, The Interview, which poked fun at Kim Jong-un.

    Park is also accused of creating the WannaCry 2.0 ransomware, which brought down the NHS computers and many other servers in 2017, and the theft of US$81 million from a bank of Bangladesh the previous year.

    A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017
    © REUTERS / Courtesy of Symantec
    A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017
    Acting US Attorney Tracy L. Wilkison for the Central District of California said: "The scope of the criminal conduct by the North Korean hackers was extensive and long-running, and the range of crimes they have committed is staggering. The conduct detailed in the indictment are the acts of a criminal nation-state that has stopped at nothing to extract revenge and obtain money to prop up its regime."

    The Justice Department has also claimed the hackers targeted a British film production company, Mammoth Screen, after it produced a fictional TV series about an English nuclear scientist being taken prisoner in North Korea.

    ​It is claimed between 2015 and 2019 the North Koreans attempted to steal US$1.2 billion from banks in Malta, Mexico, Taiwan, Vietnam and Bangladesh by sending fake SWIFT (Society for Worldwide Interbank Financial Telecommunication) messages.

    The three North Koreans also developed fake cryptocurrency apps - Celas Trade Pro, World Bit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader and Ants2Whale - which allowed them to hack into people’s computers and steal personal information.

    They are also accused of raiding digital currency exchanges in Slovenia and Indonesia and taking $11.8 million from a New York digital exchange.

    ​Kim Il was identified by the Justice Department as the developer of the Marine Chain Token blockchain which was designed so that investors could buy shares in ships involved in international commerce.

    The Justice Department claim the Marine Chain Token was designed to help Pyongyang avoid sanctions by disguising ship ownership identities, allowing shops to secretly export oil and other resources to North Korea.

    A fourth man - Ghaleb Alaumary, from Mississauga in Canada - has pleaded guilty to one charge of acting as a money launderer for the North Koreans.

    He allegedly hired a team of people to withdraw up to $6 million from BankIslami Pakistan ATMs which had been hacked by the North Koreans.

    If the three North Koreans are ever caught and convicted in the US they could face up to 30 years in prison.

     In this June 30, 2019, file photo President Donald Trump, right, listens as North Korean leader Kim Jong Un, left, speaks during their bilateral meeting inside the Freedom House at the border village of Panmunjom in the Demilitarized Zone, South Korea
    © AP Photo / Susan Walsh
    In this June 30, 2019, file photo President Donald Trump, right, listens as North Korean leader Kim Jong Un, left, speaks during their bilateral meeting inside the Freedom House at the border village of Panmunjom in the Demilitarized Zone, South Korea

    Relations between the US and North Korea warmed up when Donald Trump first became President and he even met Kim Jong-un at a summit in Vietnam in 2019.

    But by last year relations had become frosty again with North Korean foreign minister Ri Son Gwon saying Washington remained a "long term threat" to the Democratic People’s Republic of Korea.

    US State Department spokesman Ned Price said the Biden administration was reviewing how to deal with Pyongyang and said it "will take into account the totality of the malign activity and the threats that are emanating from North Korea.”

    "Most frequently we speak of North Korea's nuclear and ballistic missile program, but of course, its malicious cyber activity is something we are carefully evaluating and looking at as well," he said.
    Tags:
    hacking, malware, ransomware, WannaCry, United States, North Korea
    Community standardsDiscussion