North Korea has led multiple cyber-attacks on the United States of America, and the crypto-industry has been an active ground for these attacks. The nation has been utilizing cryptocurrencies to collect extra funds to boost its weapons programs while bypassing U.S. sanctions.

The U.N. even reported that the figure they had garnered could amount to as much as $2 billion.

They have previously carried out several hacks and ransomware attacks and have even been accused of laundering crypto funds using a blockchain company located in China. In the latest development, the U.S. government has sanctioned two Chinese nationals believed to have a connection with the Lazarus group hack.

Suspects sanctioned

As per an official press release by the U.S. Department of Treasury on Monday, March 2, 2020, the suspects, Tian Yinyin and Li Jiadong, have helped launder over $100 million in funds stolen from two cryptocurrency exchanges. Furthermore, the attack on the exchanges was carried out by the infamous Lazarus Group, a dangerous cyber group behind many vile attacks, and also believed to be sponsored by the North Korean Government.

The names of the hacked exchanges, however, were not mentioned in the release; OFAC, keeping the name of the company a secret, referred to it as “the exchange.”

Secretary Steven Mnuchin commented on the matter:

“The North Korean regime has continued its widespread campaign of extensive cyber-attacks on financial institutions to steal funds. The United States will continue to protect the global financial system by holding accountable those who help North Korea engage in cyber-crime.”

Another indictment

Coincidentally, during that time, the Department of Justice also announced an indictment for money laundering against the same individuals. On these separate charges, Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division commented:

“These defendants allegedly laundered over a hundred million dollars’ worth of stolen cryptocurrency to obscure transactions for the benefit of actors based in North Korea. Today’s actions underscore that the Department will pierce the veil of anonymity provided by cryptocurrencies to hold criminals accountable, no matter where they are located.”

The indictment accuses “the North Korean co-conspirators” of stealing $250 million worth of cryptocurrency from an exchange back in 2018. Supposedly, Tian Yinyin and Li Jiadong managed to launder $100 million worth of cryptocurrency using prepaid iTunes gift cards and other methods between December 2017 and April 2019 for their North Korean accomplices.

The document further accused the conspirators of another hack of a South Korean exchange back in November 2019. The hack saw $48.5 million worth of cryptocurrencies stolen. According to the facts, this could be a reference to the hack of crypto exchange UpBit, which mysteriously lost almost the same amount in Ether at that time. The hack was considered to be an inside job, as the stolen assets were from the exchange’s reserve funds.

The Lazarus effect

Over the past decade, the Lazarus group has devoted its resources to going after financial institutions, casinos, financial trade software development companies, and cryptocurrency businesses, including the attack against the Bangladesh Central Bank that resulted in more than $850 million in fraudulent SWIFT network transactions.

As an instrument of the North Korean regime, Lazarus acts both to fund its operations and to seek revenge for its government. Kaspersky analysts have detailed this in prior analysis.

Previously, the U.S. Department of Treasury sanctioned Lazarus along with two other North Korean state-sponsored malicious cyber groups. The groups are accused of a long list of financial crimes that include $571M in crypto theft alone, which shows that North Korea is succeeding in cybercrime and why it is unlikely to stop soon.