North Korea’s notorious state-sponsored hacker team Lazarus Group – the one responsible for stealing more than $500 million from Bitcoin exchanges around the world – has finally been sanctioned by the Trump administration. This is over a decade since the outfit was created by the rogue state.
In a press release, the Office of Foreign Assets Control (OFAC) at the U.S. Treasury announced sanctions against Lazarus Group, as well as two other smaller outfits – Andariel and Bluenoroff – all connected to the major intelligence organization of North Korea.
According to the U.S. Under Secretary for Terrorism and Financial Intelligence, Sigal Mandelker, North Korea has been using the cryptocurrency funds stolen by the hacking groups to finance its weapons development:
“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs.”
A UN report released last month corroborates OFAC’s claims.
Among the cyberattacks that Lazarus Group has been involved in include the WannaCry 2.0 ransomware attack. Per CBS, the average ransom associated with the cyberattack was Bitcoin worth approximately $300. By May 2017, combined losses from at least 150 countries were estimated to have reached $4 billion.
Other activities that the three hacking groups are alleged to have engaged in include stealing from cryptocurrency exchanges. Again, proceeds from these crimes went to financing the rogue state’s weapons programs:
“North Korea’s cyber operations also target Virtual Asset Providers and cryptocurrency exchanges to possibly assist in obfuscating revenue streams and cyber-enabled thefts that also potentially fund North Korea’s WMD and ballistic missile programs.”
The three groups are also believed to be responsible for a significant number of crypto exchange thefts, especially in Asia. Between the first quarter of 2017 and the third quarter of 2018, these hacking groups stole cryptocurrency worth about $571 million from five Asia-based Bitcoin exchanges.
The allegation by OFAC that proceeds from the hacking group’s cyber operations were used to fund weapons now casts a doubtful shadow on U.S. President Donald Trump’s earlier remark that the hermit kingdom no longer posed a threat. Mid last year, Trump tweeted that the U.S. no longer faced a “Nuclear Threat from North Korea.”
North Korea may have toned down on the provocative testing of missiles, but it never stopped replenishing the coffers by stealing Bitcoin and other crypto assets in order to fund the weapons program.