US Charges 3 North Korean Hackers for Trying to Steal $1.3 Billion


North Korea has emerged in the last decade as among the most sophisticated and threatening hacking forces in the world, according to cybersecurity experts and the US government.

"The scope of the criminal conduct by the North Korean hackers was extensive and long-running, and the range of crimes they have committed is staggering," said Tracy L. Wilkison, the acting U.S. attorney in Los Angeles. The Secret Service and Department of Homeland Security told reporters on Wednesday that the trio's activities involved extortion, phishing, direct attacks on financial institutions and ATM networks, as well as malicious applications that masqueraded as software tools to help people manage their cryptocurrency holdings.

Although officials briefing reporters on Wednesday said they couldn't pinpoint how successful the hackers were in their attempts to steal almost $1.3 billion, the indictment does allege cryptocurrency thefts of at least $112 million. The apps gave the North Koreans a backdoor into the users' computers, enabling them to steal tens of millions of dollars, prosecutors said.

In an indictment unsealed Wednesday, a federal grand jury in Los Angeles charged that Jon Chang Hyok, Kim Il and Park Jin Hyok attacked banks, entertainment companies, online casinos, defense contractors, energy utilities and others in the U.S., Bangladesh, Mexico, Indonesia, Britain, Vietnam, Pakistan and other countries.

He said the DOJ has "obtained custody" of Mr. Alaumary, a dual U.S.

The indictment describes a broad array of criminal cyber activities undertaken by the conspiracy, in the United States and overseas, conducted for revenge or financial gain. Warrants obtained by the government allowed the Federal Bureau of Investigation to seize roughly $1.9 million from two different cryptocurrency exchanges used by the hackers, money that investigators say will be returned to the New York financial services firm.

The indictment alleges three new schemes.

According to the indictment, the defendants are responsible for some of the most damaging cyberattacks ever, including the hack of Sony Pictures Entertainment, the cyber-heist of $81 million from the Bank of Bangladesh, and the WannaCry 2.0 attack.

Overall, North Korea has generated an estimated $2 billion using "widespread and increasingly sophisticated" digital intrusions at banks and cryptocurrency exchanges, according to a United Nations report in 2019 by independent experts monitoring global sanctions on Pyongyang.

In a related development, the U.S. Federal Bureau of Investigation (FBI) obtained warrants to seize cryptocurrencies totaling approximately $1.9 million that were allegedly plundered from an unnamed financial services company in New York and held at two cryptocurrency exchanges.

The three are accused of developing several malicious cryptocurrency applications, which provided them a back door into victims' computers.

The indictment says the computer breaches often began with spear-phishing emails that contained malware that allowed them to access their victims' computer systems.

Alaumary pleaded guilty to one count of conspiracy to commit money laundering, which carries a maximum penalty of 20 years in prison.

The $1.3 billion allegedly targeted would represent nearly half the total amount of North Korea's civilian merchandise imports - mainly from China - in 2019, the most recent year for which estimates are available, said Nicholas Eberstadt, an economist at the American Enterprise Institute.

Officials said on Wednesday that Ghaleb Alaumary, a Canadian-American citizen, has separately pleaded guilty to laundering some of the alleged hackers' money.

Despite the indictment, the United States doesn't expect any of the defendants will face trial in the near future.