U.S. Charges Two Chinese Nationals Linked to North Korean Hacker Attacks

The U.S. Department of Justice announced on Monday that two Chinese nationals have been charged with laundering over $100 million worth of cryptocurrency stolen by North Korean hackers from a cryptocurrency exchange.

The suspects, Tian Yinyin and Li Jiadong, have been charged with money laundering conspiracy and operating an unlicensed money transmitting business. The second charge is related to allegations that the Chinese nationals laundered money through financial accounts in the United States, for which they should have registered with the Financial Crimes Enforcement Network (FinCEN).

Prosecutors have also filed a civil forfeiture complaint in an effort to recover stolen funds. The complaint targets 113 cryptocurrency accounts and addresses allegedly used by Yinyin, Jiadong and their accomplices to launder the stolen funds. Authorities say some funds have already been seized.

In addition to the charges brought against them by the DoJ, the two individuals have been sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), which blocked all their property and assets in the United States.

According to authorities, Yinyin and Jiadong laundered over $100 million worth of cryptocurrency, mostly obtained as a result of a cyberattack launched in April 2018 by North Korean hackers. The attack targeted an unnamed cryptocurrency exchange and resulted in the theft of nearly $250 million worth of Bitcoin, Ethereum, Zcash, Dogecoin, Ripple, Litecoin and Ethereum Classic.

Laundering the stolen funds involved hundreds of automated transactions, accounts created on cryptocurrency exchange platforms using forged identification documents, and bank accounts at several Chinese banks. Yinyin and Jiadong allegedly provided cryptocurrency transmission services, an operation that included customers and financial accounts in the U.S.

North Korean threat actors, including the infamous Lazarus group, have targeted many cryptocurrency exchanges and financial institutions in recent years, and it has been estimated that these attacks may have helped them earn as much as $2 billion. Some believe North Korean hackers were also behind the January 2018 hack of Japanese cryptocurrency exchange Coincheck, from which over $500 million was stolen.

The indictment made public on Monday also mentions the theft of roughly $49 million worth of cryptocurrency from a South Korean exchange in November 2019. This is most likely the attack on Upbit, which was previously attributed to North Korean hackers.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
