Federal authorities have charged three North Korean hackers with stealing over $1.3 billion worth of cryptocurrencies and cash, according to a press release published by the U.S. Justice Department on Feb. 17.
The indictment unsealed by the U.S. Justice Department states that cryptocurrency firms lost over $110 million to the cybercriminals, with an unnamed Slovenian cryptocurrency company parting with a cool $75 million.
The indictment describes a broad array of criminal cyber activities undertaken by the conspiracy, in the United States and abroad, conducted for revenge or financial gain. The schemes alleged include: … Targeting of hundreds of cryptocurrency companies and the theft of tens of millions of dollars’ worth of cryptocurrency, including $75 million from a Slovenian cryptocurrency company in December 2017; $24.9 million from an Indonesian cryptocurrency company in September 2018; and $11.8 million from a financial services company in New York in August 2020 in which the hackers used the malicious CryptoNeuro Trader application as a backdoor.
Apart from the massive theft, the bad actors have been indicted for developing malicious cryptocurrency applications and even a bogus blockchain platform called Marine Chain Token.
The hackers were able to get access to the computers of their victims with the help of spear-phishing messages:
To hone the spear-phishing messages, the hackers would conduct internet research regarding their intended victims and would send "test" spear-phishing messages to each other or themselves.
A Canadian-American citizen has already pleaded guilty to aiding the North Korean operatives.
John Demers, the assistant attorney general at the Department of Justice's National Security Division, described the North Korean operatives as “the world’s leading bank robbers”:
North Korea’s operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world’s leading bank robbers.