Cryptocurrency Fraud
Cyberwarfare / Nation-State Attacks
Fraud Management & Cybercrime

OFAC Adds Men to List of Specially Designated Nationals and Blocked Persons

US Indicts Chinese National for Laundering DPRK Crypto
Photo taken at a North Korean youth rally in Pyongyang in March (Image: KCNA)

A Chinese and a Hong Kong national are each under U.S. federal indictment for their role in channeling cryptocurrency stolen by North Korean hackers into hard currency.

See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources

Prosecutors say Huihui Wu and Hung Man Cheng are over-the-counter cryptocurrency traders based China and Hong Kong, respectively. An unsealed indictment accuses the two men of converting virtual currency into fiat currency directly or by funneling converted stolen cryptocurrency into front companies that used the money to pay for goods such as tobacco and communications devices. Wu allegedly provided material support to Pyongyang threat actor Lazarus Group, while Cheng provided material support to Wu.

An unknown user who goes by the online moniker of “live:jammychen0150” recruited Wu and Cheng sometime around 2018 to participate in the scheme which was active through 2021. Jammy Chen, as federal prosecutors dub the unknown scheme member, received instructions for payments from North Korea national based now located in China-named Hyon Sop Sim.

Sim is also the subject of a separate indictment for role as a representative of the Korea Kwangson Banking Corp., a North Korean financial institution sanctioned by the U.S. Department of the Treasury in 2013. In addition to directing Jammy Chen and his associates, Sim handled salaries paid in cryptocurrency by U.S.-based companies that unknowingly outsourced work to North Korean IT workers.

Federal prosecutors say Sim received $24 million worth of laundered virtual currency, at least half of which came from the salaries of outsourced North Korean workers.

The Treasury Department’s Office of Foreign Assets Control added each of the men to its blacklist of individuals prohibited from doing business with U.S. entities and whose assets should be blocked.

North Korean hackers were behind the largest virtual cryptocurrency heist to date, stealing almost $620 million in 2022 from Ronin Network, a sidechain tied to blockchain game Axie Infinity. Blockchain analysis firm Chainalysis calculated that North Korean hackers stole $1.7 billion worth of cryptocurrency during 2022 (see: Banner Year for North Korean Cryptocurrency Hacking). The cash-strapped Kim regime uses cryptocurrency theft to pump up its lagging finances, using the money to finance development of weapons of mass destruction.

Updated April 24, 17:47 UTC: Updated throughout with additional information.

This is a developing story; check back for updates.


Source link