South Korea sets independent sanctions for crypto theft against North Korea
The sanctions against several well-known individuals and hacking groups came just hours after S. Korea announced a joint cyber venture with U.S. intelligence agencies against ransomware threats.
South Korea announced its first independent sanctions related to cryptocurrency thefts and cyber attacks against certain North Korean groups and individuals.
According to Seoul’s Ministry of Foreign Affairs, four North Korean individuals and seven businesses have been placed on a blacklist for their alleged involvement in cyberattacks and cryptocurrency theft. The blacklisted individuals include the infamous Park Jin-hyok, Jo Myong-rae, Song Rim and Oh Chung-seong.
The most notorious of the four hackers, Park, works in information technology for the Chosun Expo Joint Venture, a front company connected to the Lazarus Group in North Korea. He is well-known for participating in the WannaCry ransomware assault in 2017 and the cyberattack on Sony Pictures Entertainment in November 2014. The United States Treasury placed him on a blacklist in 2018.
According to information provided by the Foreign Ministry, North Korean hackers have stolen virtual assets worth over $1.2 billion since 2017, including $626 million in 2022 alone. As Cointelegraph reported earlier, a confidential United Nations report has revealed North Korean hackers stole more crypto assets in 2022 than in any other year. The UN report put the theft amount between $650 million and $1 billion.
The independent sanctions against North Korean hackers and hacker groups come just hours after South Korea and the U.S. announced a joint cyber security venture against ransomware attacks. The National Intelligence Service of South Korea, in coordination with the National Security Agency (NSA) and other U.S. intelligence organisations, released a joint cybersecurity alert on the threat posed by ransomware from North Korea.
Related: North Korea’s Lazarus Group masterminded $100M Harmony hack: FBI confirms
These cyber activities, which are frequently connected to the Reconnaissance General Bureau, the North’s military intelligence agency, are thought to be one of the country’s main sources of funding for its nuclear and missile programmes despite the country being subject to severe international sanctions.