North Korean hackers stole $ 250 million in cryptocurrency in an exchange and two Chinese nationals helped them launder $ 100 million using prepaid iTunes gift cards and other methods, according to the US department. of Justice. The US Treasury Department said the scheme was linked to the Lazarus group, a criminal enterprise linked to North Korea and to its efforts to steal cryptocurrencies and various other high-level cyber attacks.
Prosecutors said that North Korean hackers stole the cryptocurrency in 2018 after an employee of a cryptocurrency exchange unknowingly downloaded North Korean malware. This allowed the attacker to access private keys, virtual currency and other customer information. The hackers evaded law enforcement and guarantees on the virtual exchange by using false identifiers.
The North Korean government “trains cyber actors to target and launder stolen funds,” according to the Treasury Department. Between December 2017 and April 2019, the accused Tian Yinyin and Li Jiadong, both Chinese, laundered $ 100 million in funds dating back to the 2018 hack, according to the DOJ. Tian has converted around $ 1.4 million worth of bitcoins into Apple iTunes prepaid gift cards, which the Treasury Department says are accepted on certain virtual currency exchanges to purchase additional bitcoins.
“Virtual currency hacking and related money laundering for the benefit of North Korean actors poses a serious threat to the security and integrity of the global financial system,” said US District Attorney Timothy J. Shea from Columbia in a press release. The indictments against Tian and Li explain in detail how the North Korean pirates “used the infrastructure in North Korea as part of this campaign”.
The North Korean hackers are also “linked to the theft of approximately $ 48.5 million in virtual currency from a virtual exchange office based in South Korea in November 2019”. Li and Tian were each charged with money laundering conspiracy and operating an unlicensed money transfer business.