U.S Treasury Department and the Department of Justice have imposed sanctions on 2 Chinese nationals on accusations of helping North Korean hackers in laundering the funds stolen during hacks of two cryptocurrency exchanges.
The US government has charged two Chinese nationals for laundering more than $100 million worth of cryptocurrency out of the nearly $250 million stolen by North Korean actors known as Lazarus Group after hacking a cryptocurrency exchange in 2018. Lazarus is a North Korean state-sponsored criminal group with efforts to steal cryptocurrency and various high-profile cyberattacks.
Tian Yinyin and Li Jiadong were charged for money laundering conspiracy and operating an unlicensed money transmitting business.
Tian Yinyin and Li Jiadong laundered more than $100m using 113 virtual currency accounts and addresses in between December 2017 and April 2019. They operated through independent as well as linked accounts and provided virtual currency transmission services for a fee for customers.
“Tian moved nearly $1.4 million dollars worth of Bitcoin into prepaid Apple iTunes gift cards, which at certain exchanges can be used for the purchase of additional Bitcoin,” said the Treasury Department.
“Today we are publicly exposing a criminal network’s valuable support to North Korea’s cyber heist programme and seizing the fruits of its crimes,” said John C Demers, assistant attorney-general at the justice department’s National Security Division.
The North Koreans used a phishing email to steal the $250 million funds in April 2018. An email was sent to an employee of cryptocurrency exchange which led the employee to unknowingly download a piece of malware that was capable of taking over his computer and pilfering the private keys needed to access customer’s virtual wallets on the exchange.
“The North Korean government trains cyber actors to target and launder stolen funds,” according to the Treasury Department.
“North Korea continues to attack the growing worldwide ecosystem of virtual currency as a means to bypass the sanctions imposed on it by the United States and the United Nations Security Council. IRS-CI is committed to combating the means and methods used by foreign and domestic adversaries to finance operations and activities that pose a threat to US national security,” said IRS-CI Chief Don Fort.
You may be interested in reading: ASP.NET Hit by Ransomware