South Korea has intensified efforts to curb the illegal cyber operations of its northern neighbor, the Democratic People’s Republic of Korea (DPRK), which have escalated to alarming levels.
These activities, which include cryptocurrency theft and IT-related foreign currency generation, are said to be funding Pyongyang’s nuclear and missile programs.
Crypto Crimes Funding Military Developments
In a press statement released on Boxing Day, the South Korean government announced it had designated 15 North Korean IT employees and one organization under independent sanctions.
The individuals allegedly belong to the 313th General Bureau, an entity tied to the DPRK’s Ministry of Munitions Industry, which oversees the country’s weapons development programs.
Among them, Kim-Cheol-Min is accused of working secretly for technology firms in the United States and Canada, funneling large sums of money to the North Korean regime. Another individual, Kim Ryu-Sung, previously faced indictment in the U.S. for violating sanctions.
The measures will also target the Chosun Geumjeong Economic Information Technology Exchange Company, which is claimed to dispatch IT workers abroad to help generate foreign currency for North Korea. The money is reportedly used to finance military developments in the pariah nation.
Once the sanctions come into effect on December 30, 2024, South Korean laws require that any financial transactions with the affected individuals and entities must receive approval from the Financial Services Commission or the Governor of the Bank of Korea.
Growing North Korean Threat
The restrictions against the alleged DPRK agents come even as a recent Chainalysis report revealed that North Korean actors were responsible for 61% of the $2.2 billion stolen in 2024 in crypto heists across the globe. The hackers used sophisticated tactics, including malware deployment and social engineering, allowing them to target major digital asset companies.
In one instance, the decentralized finance (DeFi) platform Radiant Capital suffered a $50 million hack attributed to the North Koreans. The attackers orchestrated the breach through malware distributed via Telegram, exploiting weaknesses in the platform’s security.
Additionally, the notorious hacking outfit, the Lazarus Group, has been linked to another $50 million heist, this time on the Upbit crypto exchange. South Korean authorities, in collaboration with the FBI and Swiss prosecutors, confirmed the group’s involvement and shed light on its ties to the DPRK’s main intelligence agency, the Reconnaissance General Bureau.
Kaspersky Labs security analyst Vasily Berdnikov also connected the syndicate with an elaborate hacking plot that involved cloning a popular blockchain game and embedding malicious code within its website, allowing it to install malware on the systems of anyone playing the game.
Meanwhile, U.S. authorities have been tackling related issues. On December 17, the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and an entity for allegedly laundering millions of dollars in crypto for the Kim Jong Un administration.
The post South Korea Takes Action Against North Korean Cyber Criminals appeared first on CryptoPotato.