The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday announced sanctions against the North Korean cyberespionage group known as Kimsuky.
The US and its allies also announced sanctions against eight foreign North Korean agents accused of facilitating sanction evasion and aiding Pyongyang’s weapons of mass destruction programs. The news comes just days after North Korea’s launch of a new spy satellite.
In the case of the sanctions targeting Kimsuky, the Treasury Department noted that the threat actor is controlled by North Korea’s main foreign intelligence service, the Reconnaissance General Bureau.
Kimsuky, also known as APT43, Velvet Chollima, Emerald Sleet, TA406, and Black Banshee, focuses on intelligence gathering, including in support of Pyongyang’s nuclear and strategic efforts.
The threat group has been known to target governments, think tanks, research centers, universities, and news organizations in the United States, Europe and Asia.
“As an intelligence gathering apparatus for the Reconnaissance General Bureau (RGB), APT43 operates with the full backing of the North Korean regime, tasked with gathering sensitive information on a wide range of topics, including nuclear technology, sanctions evasion, and unification efforts,” explained Michael Barnhart, who leads the North Korea threat hunting team at Google Cloud’s Mandiant.
“Despite the exposure of their operations, APT43 has demonstrated remarkable resilience, continuing to employ sophisticated social engineering tactics to target unsuspecting individuals and organizations. This highlights the need for heightened vigilance and a comprehensive approach to combating North Korea’s cyber threats,” Barnhart added.
This is not the first round of sanctions targeting North Korea’s cyber activities. Earlier this week, the Treasury Department announced sanctions against the cryptocurrency mixer Sinbad for helping the North Korean hacking group Lazarus launder stolen cryptocurrency.
In May, the US slapped sanctions on a North Korean university that is believed to be training the country’s hackers.
Related: North Korean Hackers Targeted Russian Missile Developer
Related: North Korean Software Supply Chain Attack Hits North America, Asia
Related: Suspected N. Korean Hackers Target S. Korea-US Drills
