Two Chinese nationals were charged by the Treasury Department on Monday with laundering over $100 million worth of cryptocurrency stolen by North Korean hackers.
Prosecutors allege that North Korean hackers belonging to the Lazarus Group, a U.S.-designated North Korean state-sponsored cyber-terrorist group, gained access to a cryptocurrency exchange in 2018 and stole nearly $250 million worth of virtual currency before laundering through the two Chinese men.
In their indictment, the Treasury Department charged Tian Yinyin and Li Jiadong with conspiracy to commit money-laundering and operating as well as running an unlicensed money transmitting business and also imposed sanctions against them.
It said in a statement:
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) today sanctioned two Chinese nationals involved in laundering stolen cryptocurrency from a 2018 cyber intrusion against a cryptocurrency exchange.
Specifically, OFAC is designating 田寅寅, Tian Yinyin (Tian), and 李家东, Li Jiadong (Li), for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, a malicious cyber-enabled activity.
Tian and Li are also being designated for having materially assisted, sponsored or provided financial, material, or technological support for, or goods or services to or in support of, Lazarus Group.
According to the Justice Department, the hackers used doctored photographs and fake identification to avoid detection and used the stolen money to fund other North Korean hacking efforts.
Treasury Secretary Steven Munchin followed up by accusing the North Korean regime of continuing its “widespread campaign of extensive cyber-attacks on financial institutions to steal funds.”
“The United States will continue to protect the global financial system by holding accountable those who help North Korea engage in cyber-crime,” he asserted.
The indictment also stated that North Korean hackers were “tied to the theft of approximately US$48.5 million worth of virtual currency from a South Korea-based virtual currency exchange in November 2019,” consequently laundering the money through hundreds of automated transactions.
“The hacking of virtual currency exchanges and related money laundering for the benefit of North Korean actors poses a grave threat to the security and integrity of the global financial system,” U.S. Attorney said Timothy Shea.
On top of the indictment, U.S. prosecutors also filed a civil forfeiture complaint to try and recover the rest of stolen funds, naming 113 online cryptocurrencies accounts and addresses that they say were used by Tian and Li and their alleged co-conspirators. Some of the money has already been recovered.
North Korean actors are believed to be behind numerous past cyber attacks, the most notable behind a 2017 ransomware attack that took thousands of computers and servers hostage worldwide. According to intelligence analysts, the communist regime is constantly developing its malware in a bid to have the most effective cyber technology, widely considered as the next frontier in international warfare.