The United States has charged three North Korean computer programmers with a massive state-sponsored hacking spree that stole more than US$1.3 billion in money and cryptocurrency, affecting companies from banks to Hollywood movie studios.
The indictment alleges that Jon Chang Hyok, 31, Kim Il, 27, and Park Jin Hyok, 36, stole money while working for North Korea’s military intelligence services, and named the Lazarus Group (which is also called Advanced Persistent Threat (APT) 38 by security researchers).
Park had previously been charged in a complaint unsealed in 2018.
The Justice Department said the hackers are responsible for a wide range of criminal activity and high-profile cyber attacks.
This includes a retaliatory November 2014 attack on Sony Pictures Entertainment for producing “The Interview,” which depicted the assassination of North Korea’s leader Kim Jong-un.
It also alleged they participated in the creation of the destructive WannaCry 2.0 ransomware which hit Britain’s National Health Service particularly hard when it was set loose in May 2017.
The indictment also pins the blame on the hackers for breaking into banks’ networks across south and southeast Asia, Mexico, and Africa, abusing the SWIFT funds transfer system.
They are also said to have deployed malicious applications from March 2018 through September 2020 targeting cryptocurrency applications.
Officials added that a Canadian-American citizen, Ghalab Alaumary, has also separately pleaded guilty to laundering some of the alleged hackers’ money.
Alaumary is accused of having conspired with Ramon Olorunwa Abbas, aka “Ray Hushpuppi,” and others to abuse automatic teller machines for money laundering.
This included a 2018 cash-out affecting Pakistan’s BankIslami to the tune of US$6.1 million.
Alaumaury has pleaded guilty to one charge of money laundering which carries a maximum 20 year prison sentence.
The indictment was filed under seal on December 8, 2020, and unsealed in a federal court in Los Angeles on Wednesday.
If convicted, the trio faces prison sentences of up to five years for computer hacking and a maximum of 30 years for wire fraud, the DoJ said.
Although the three alleged hackers work for the North Korean government, the United States alleges they have been stationed at times in various other countries, including China and Russia.