Groups Allegedly Connected to North Korean Cyber-Crime Sanctioned by U.S.

Malicious hacking groups, “Lazarus Group,” “Bluenoroff,” and “Andariel”, are responsible for many crypto hacks and attacts. U.S. connects them to North Korea.


n September 13th the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions targeting three, allegedly, North Korean state-sponsored malicious cyber groups who have stolen prolific sums of cryptocurrency in multiple attacks.

Internationally known hacking groups, “Lazarus Group,” “Bluenoroff,” and “Andariel” are considered by the OFAC to be agencies, instrumentalities, or controlled entities of the Government of North Korea.

Treasury Under Secretary for Terrorism and Financial Intelligence, Sigal Mandelker, said, “Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs,” he continued, “we will continue to  enforce U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.

These groups affiliated with North Korea are believed to be responsible for over $570 million dollars worth of cryptos from five exchanges in Asia between 2017 and 2018.

Image by 유봉, yubong 정,Jenog from Pixabay

Since the OFAC’s press release the following is in effect regarding the entities mentioned above according to the release:

“As a result of today’s action, all property and interests in property of these entities, and of any entities that are owned, directly or indirectly, 50 percent or more by the designated entities, that are in the United States or in the possession or control of U.S. persons are blocked and must be reported to OFAC.  OFAC’s regulations generally prohibit all dealings by U.S. persons or within (or transiting) the United States that involve any property or interests in property of blocked or designated persons.”

The OFAC has also stated that anyone engaging in certain transactions wit the entities designated since September 13 may themselves be exposed to designation.

North Korea’s access to cryptocurrency has been a long concern for the international community has the currency’s decentralization and lack of regulations inhibit other parties from preventing the use of these funds within the hermit kingdom.

In August 2019, according to a confidential U.N. report, North Korea had been funding its nuclear weapons programs with stolen crypto and fiat currencies totaling roughly $2 billion dollars. Experts at the time were looking into a minimum of 35 reported attacks on financial institutions, crypto exchanges and mining activities. Much of the attacks have been co-ordinated and operated by the Reconnaissance General Bureau, the North Korean Intelligence Agency that in thought to handle the nation’s clandestine operations.

The press release’s timing came days after North Korea said that is would be holding its second cryptocurrency-related conference, inviting the community to share info and create agreements in February of 2020 in the North’s capital, Pyongyang.

It’s first event had roughly 100 attendees from the international community that shared information with North Korea on cryptocurrency and blockchain technology.

Experts say cryptocurrencies, which are typically more difficult to track if not impossible, and internationally exchangeable, must be very attractive to a state like North Korea. As blockchain is well-known for its risk of hacking and cryptocurrency can potentially bypass much if not all surveillance of other countries.

North Korea could use crypto to continue to generate funds for its government, effectively nullifying the sanctions imposed on it from the international community.

Photo by Steve Barker on Unsplash

Luke McNamara, a senior analyst at US cyber security firm FireEye told VOAKorea, that strict sanctions and rising cryptocurrency prices have attracted the North’s attention.

McNamara said, “I think it made it a lot more attractive for them to go after that. So during that period of time, they were also still going after banks and traditional financial entities, But I think [it was] the growth of the price in Bitcoin as well as increased sanctions by the United States and others that made [cryptocurrency] much more of an attractive target to pursue.”

It is far from the first time unsavory parties used cryptocurrency and blockchain technology for nefarious means. One of the most early uses of Bitcoin was to make purchases on the darkweb site Silk Road, which has been responsible for transactions of illicit drugs, weapons, and illegal services.

If you find this content useful, share it with your friends or on social media to spread bitcoin awareness! Visit our ReadBTC Forum to have discussions with fellow Crypto Enthusiasts.

Brandon Stewart

I am a risk manager and journalist. I write about business, technology, health, and whatever new thing happens in the world of crypto.