New North Korean Hacker Group Sanctioned Over Crypto Thefts In the United States

The United States government has recently sanctioned individuals and entities linked to a cyber crypto campaign responsible for significant thefts in the crypto space. Learn more about the implications of these sanctions and the evolving tactics of North Korean cyber operatives.

Infiltration Through Work, Not Just Crypto Hacking

North Korean cyber attacks have transitioned from brute-force hacking to infiltration through skilled IT workers posing as remote contractors. These operatives infiltrate US-based blockchain and crypto companies, assuming the identities of US citizens to steal data and funnel funds to Kim Jong Un’s regime.

Sanctions Target Individuals and Front Companies

The US Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on North Korean operatives and Russian entities involved in the cyber campaign. Individuals like Song Kum Hyok and Gayk Asatryan are implicated in identity theft, malware insertion, and funneling funds to North Korea.

All To Fund Defense of Mass Destruction

The ultimate goal of these cyber operations is to fund North Korea’s weapons development. Thousands of North Korean IT workers target crypto companies to obtain funds for the regime’s nuclear programs, evading sanctions through digital means.

Huge Losses in the Crypto Sector

North Korean actors have been linked to $1.6 billion in theft from crypto firms in the first half of the year. These cyber attacks pose a significant threat to the crypto sector, with tactics evolving to include IT worker infiltration for financial gain.

As the US takes action against these cyber threats, the crypto industry remains vigilant against such malicious activities that undermine trust and security in the digital asset space.