Federal authorities said on Wednesday that three North Korean computer programmers have been charged with carrying out a series of cyber attacks to attempt to steal and extort more than $ 1.3 billion in cash and cryptocurrency from financial institutions and companies.
The programmers, who are part of a North Korean military intelligence agency, are also accused of creating and deploying “multiple malicious cryptocurrency applications, and developing and fraudulently marketing a blockchain platform,” according to a press release. the Ministry of Justice.
And the plan also conducted repeated “ spear-phishing campaigns ” from 2016 to early 2020 targeting employees of the U.S. Department of Defense, the State Department, and employees of U.S.-approved defense contractors, energy companies, air and air companies. aerospace companies and technology companies, authorities said. .
Hackers also took control of ATMs to withdraw cash from them as part of the conspiracy, the charges said.
At a press conference Wednesday, officials said the 2017 and 2018 development and marking of the so-called Marine Chain Token, which allowed investors to buy fractional ownership stakes in seagoing vessels using blockchain technology, enabled North Korea to “ secretly raise funds from investors, control interests in ocean-going vessels and evade US sanctions. “
Tracy Wilkinson, the acting US attorney for the Central District of California, said, “The scope of the North Korean hackers’ criminal behavior has been extensive and long-term, and the range of crimes they have committed is astonishing.”
Wilkinson also said, “The conduct described in the indictment is the acts of a criminal nation-state that has stopped at nothing to retaliate and obtain money to support its regime.”
The suit filed with the US District Court in Los Angeles accuses Jon Chang, 31, 27-year-old Kim Il, and Park Jin Hyo 36, who were members of units of the Reconnaissance General Bureau, a North Korean military intelligence agency engaged in criminal activities. hacking. Authorities noted that Park had previously been charged in a September 2018 criminal complaint that described the cyber attack on Sony Pictures and the creation of the ransomware known as WannaCry.
At the same time, officials announced on Wednesday that a Canadian-American citizen, 37-year-old Ghaleb Alaumary, agreed to plead guilty in a money laundering scheme and admitted that he was helping accused North Koreans ‘pay out’ their ‘cybercrime’. -enabled bank robbery. “
Authorities said Alaumary organized teams of people in the US and Canada to launder millions of dollars that the hackers had obtained through ATMs.
The conspiracy, which officials said was motivated for revenge or financial gain depending on the target, included the attack on Sony in 2014 for its satirical film ‘The Interview’, which depicted the murder of North Korea, as well as attacking AMC. theaters. , on which the film was shown. Another alleged target was Mammoth Screen, which produced a fictional series depicting a British scientist held hostage by North Korea who was digitally breached in 2015.
Authorities also said that from 2015 to 2019 the hackers tried to steal more than $ 1.2 billion from banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta and Africa by breaking into their computer networks and sending fraudulent messages through the SWIFT. bank messaging system.
The hackers are accused of attacking hundreds of cryptocurrency companies and stealing tens of millions of dollars worth of cryptocurrency as part of the plan.
A Slovenian cryptocurrency company was defrauded for $ 75 million in such currency, authorities said, and the hackers stole nearly $ 25 million worth of cryptocurrency from an Indonesian cryptocurrency company and $ 11.8 million from a New York financial services company in September 2018. last summer by the malicious CryptoNeuro Trader application.
The defendants are also charged with stealing $ 6.1 million from BankIslami Pakistan Limited as part of a series of ATMs, the creation of the WannaCry 2.0 ransomware in 2017, “and the extortion and attempted extortion of victimized companies. , ”said the DOJ.
And, since March 2018, the plan is also said to have developed multiple malicious cryptocurrency applications that gave North Korean hackers backdoors on victims’ computers. Those applications included Celas Trade Pro, WorldBit-Bot, iCryptoFx, Union Crypto Trader, Kupay Wallet, CoinGo Trade, Dorusio, CryptoNeuro Trader and Ants2Whale, officials said.
North Korean agents, who use keyboards instead of weapons, and steal cryptocurrency digital wallets instead of bags of cash, are the world’s biggest bank robbers, said Assistant Attorney General John Demers of the National Security Division of the National Security Division. Department of Justice.
The case comes as the price of the leading cryptocurrency, bitcoin, has risen more than 400% in the last 12 months.
Bitcoin price has risen over 75% as an increasing number of businesses become more comfortable and accept it both as a tender and as a store of value and medium of exchange.
At one point Wednesday, bitcoin sold for $ 51,165, close to the record it hit earlier in the day, according to Coin Metrics.
JPMorgan has said it is considering allowing cryptocurrency banking, and Bank of New York Mellon, the country’s oldest bank, said last week that it will soon pass digital currency through the same financial network it currently uses for more. traditional holdings such as US Treasury. bonds and stocks.
Payment companies such as PayPal and Mastercard have stepped up efforts on their platforms to support cryptocurrency processing. And electric carmaker Tesla announced in a government filing last week that it had invested $ 1.5 billion in bitcoin and planned to accept the digital currency as payment for its products.
But bitcoin’s history of high-profile thefts and hacks has left some to question its security, especially as it is often kept in digital wallets on independent networks.
In recent years, thieves have stolen billions of dollars worth of bitcoin. And the digital nature of those thefts often makes it difficult for authorities to track down the crooks.
– CNBCs Tom Franck contributed to this report