Two Chinese nationals, Tian Yinyin and Li Jiadong, have been sanctioned by the US Department of Treasury under charges of laundering funds via stolen funds from cryptocurrency exchanges in 2018 for North Korea. Both Tian and Li are suspected to be working with the ‘Lazarus Group’, which is a “US-designated North Korean state-sponsored malicious cyber group”, according to the report by the US Treasury.
Hackers, supposedly from the Democratic People’s Republic of Korea (DPRK), accessed the accounts of staff from two unspecified cryptocurrency exchanges when they opened and downloaded malware from an email. Customer information was stolen, which allowed the malicious actors to use stolen private keys to access user wallets. Approximately $250 million of funds were illegally diverted out of these wallets with these malware emails.
The stolen funds were then transferred back to four different exchanges, before Tian and Li received $91 million of the total amount of stolen funds. Thereafter, the funds were then transferred to bank accounts in China, with $1.4 million being traded for gift cards.
The DPRK government is allegedly using funds appropriated from these cryptocurrency exchanges to finance their nuclear weapons program.
“The North Korean regime has continued its widespread campaign of extensive cyber-attacks on financial institutions to steal funds,” said Secretary Steven T. Mnuchin. “The United States will continue to protect the global financial system by holding accountable those who help North Korea engage in cyber-crime.”
You may also want to read: Wells Fargo Invests in Elliptic, Crypto Crimes Expert Company