Federal officials said on Wednesday that three North Korean computer programmers were charged with conducting a series of cyber attacks to try to steal and extort more than $ 1.3 billion in cash and cryptocurrency from financial institutions and companies.
The programmers, who are part of a North Korean military intelligence agency, are also accused of creating and deploying “various malicious cryptocurrency applications and of fraudulently developing and marketing a blockchain platform,” according to a statement. to the Justice Department press.
And the scheme also implemented repeated “spear-phishing campaigns” from 2016 through early 2020 that targeted US Department of Defense, State Department officials and workers from U.S.-authorized defense companies, energy companies, aerospace companies and technology companies, officials said.
Hackers also took control of bank ATMs to withdraw money from them as part of the conspiracy, the prosecution says.
During a news conference on Wednesday, authorities said that the development and marking in 2017 and 2018 of the so-called Marine Chain Token, which allowed investors to buy fractional ownership stakes in blockchain technology marine vessels, allowed North Korea “securely obtaining funds from investors, controlling interests in marine vessels and escaping US sanctions.”
Tracy Wilkinson, an acting United States attorney for the Central District of California, said: “The scope of the criminal conduct of North Korean hackers has been extensive and long-lasting, and the range of crimes they have committed is impressive.”
Wilkinson also said, “The conduct detailed in the prosecution is the act of a criminal nation-state that has stopped short of revenge and money to support its regime.”
The indictment brought before the US District Court in Los Angeles charges Jon Chang, 31, Kim Il, 27, and Park Jin Hyo 36, were members of units of the Reconnaissance General Bureau, a North Korean military intelligence agency that was involved in hacking crimes. Authorities noted that Park was previously charged in a criminal complaint in September 2018 that detailed the cyber attack on Sony Pictures and the creation of the ransomware known as WannaCry.
At the same time, on Wednesday, authorities announced that a Canadian-American citizen, Ghaleb Alaumary, 37, agreed to plead guilty to a money laundering scheme and admitted to helping the accused North Koreans to “withdraw” your “cyber – bank robbery enabled.”
Authorities said Alaumary organized teams in the United States and Canada to launder millions of dollars obtained by hackers through ATM withdrawal transactions.
The conspiracy, which officials said was motivated by revenge or financial gain, depending on the target, included the 2014 attack on Sony for its satirical film “The Interview”, which portrayed the assassination of North Korea, as well as the target of AMC cinemas, which showed the film. Another alleged target was Mammoth Screen, which was producing a series of fiction portraying a British scientist taken hostage by North Korea and who suffered a digital invasion in 2015.
Authorities also said that hackers from 2015 to 2019 attempted to rob more than $ 1.2 billion of banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta and Africa by hacking into their computer networks and sending fraudulent messages via SWIFT bank messaging. .
Hackers are accused of targeting hundreds of cryptocurrency companies and stealing tens of millions of dollars in cryptocurrencies as part of the scheme.
A Slovenian cryptocurrency company was stolen from $ 75 million in that currency, authorities said, and hackers stole nearly $ 25 million in cryptocurrency from an Indonesian cryptocurrency company in September 2018 and $ 11.8 million from a company of New York’s financial services last summer using the CryptoNeuro Trader Application malware.
Defendants are also accused of stealing $ 6.1 million from BankIslami Pakistan Limited as part of a series of ATM withdrawal schemes, the creation of the WannaCry 2.0 ransomware in 2017, “and extortion and extortion attempts by victimized companies. “said the DOJ.
And the scheme has also reportedly developed several malicious cryptocurrency applications since March 2018, which gave North Korean hackers backdoors on victims’ computers. Those apps included Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader and Ants2Whale, officials said.
“North Korea operatives, using keyboards instead of weapons, stealing digital cryptocurrency wallets instead of sacks of money, are the world’s leading bank robbers,” said Assistant Attorney General John Demers of the National Security Division of Department of Justice.
The case comes at a time when the price of the leading cryptocurrency, bitcoin, has jumped more than 400% in the past 12 months.
The price of Bitcoin has risen more than 75% as an increasing number of corporations are comfortable accepting it as an offer and as a store of value and a medium of exchange.
At one point on Wednesday, bitcoin was being sold for $ 51,165, close to its all-time record, according to Coin Metrics.
JPMorgan said it is considering allowing the use of cryptocurrencies, and Bank of New York Mellon, the country’s oldest bank, said last week that it will soon allow digital currencies to pass through the same financial network it currently uses for more traditional assets , such as the US Treasury bonds and stocks.
Payment companies like PayPal and Mastercard have stepped up efforts on their platforms to support cryptocurrency processing. And electric car maker Tesla disclosed last week in a government document that it had invested $ 1.5 billion in bitcoin and planned to accept the digital currency as payment for its products.
But the history of high-level bitcoin thefts and hacks has left some still doubting its security, especially since it is often kept in digital wallets on independent networks.
In recent years, thieves have stolen billions of dollars in bitcoins. And the digital nature of these thefts often makes it difficult for authorities to track criminals.
– CNBC’s Tom Franck contributed to this report