The US Department of State has announced that it is offering up to $10 million as a reward for information on individuals associated with notorious North Korean state-sponsored hacking groups.
The US government says it is interested in information on hackers that are part of the advanced persistent threat (APT) actors known as Lazarus Group, Bluenoroff, Andariel, APT38, Guardians of Peace, and Kimsuky.
“If you have information on any individuals associated with North Korean government-linked malicious cyber groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who are involved in targeting US critical infrastructure in violation of the Computer Fraud and Abuse Act, you may be eligible for a reward,” the State Department announced this week.
‘Lazarus’ is the commonly used term when referring to the cyber activities of North Korean hackers, including cyberespionage, cryptocurrency heists, and financially motivated operations. The US government refers to this activity cluster as ‘Hidden Cobra’.
Lazarus has been blamed for various high-profile cyberattacks, including the recent Ronin $600 million cryptocurrency heist and the $100 million hack of Harmony’s Horizon Bridge.
Andariel, Bluenoroff, and Guardians of Peace are believed to be subgroups within Lazarus/Hidden Cobra. ‘APT38’ is another term used to describe the same activities.
The $10 million reward for Lazarus hackers comes roughly three months after the US government announced it was offering $5 million for information that would help disrupt financial mechanisms of entities offering financial support to the North Korean government.
Last year, the US government stepped up its efforts against ransomware and other cyber threats by offering rewards of up to $10 million for information on any hacker conducting malicious operations against critical infrastructure.
In April this year, the Department of State underlined its interest in rewarding individuals offering information on Russian intelligence officers responsible for the 2017 NotPetya attack.
Related: North Korea APT Lazarus Targeting Chemical Sector
Related: US Puts Sanctions on N.Korea Hacking Groups Behind Major Thefts
Related: USCYBERCOM Shares More North Korean Malware Samples

More from Ionut Arghire
- Votiro Raises $11.5 Million to Prevent File-Borne Threats
- Lumen Technologies Hit by Two Cyberattacks
- Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks
- Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution
- 500k Impacted by Data Breach at Debt Buyer NCB
- Chinese Cyberspies Use ‘Melofee’ Linux Malware for Stealthy Attacks
- Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data
- OpenAI Patches Account Takeover Vulnerabilities in ChatGPT
Latest News
- Italy Temporarily Blocks ChatGPT Over Privacy Concerns
- FDA Announces New Cybersecurity Requirements for Medical Devices
- Report: Chinese State-Sponsored Hacking Group Highly Active
- Votiro Raises $11.5 Million to Prevent File-Borne Threats
- Lumen Technologies Hit by Two Cyberattacks
- Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks
- Mandiant Investigating 3CX Hack as Evidence Shows Attackers Had Access for Months
- Severe Azure Vulnerability Led to Unauthenticated Remote Code Execution
