The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions targeting individuals and entities linked to North Korean-backed hacking group Lazarus Group. The sanctions aim to disrupt the group’s financial support networks and curtail its ability to engage in illicit activities. The Lazarus Group is responsible for various cyber attacks, including the WannaCry ransomware attack that affected millions of computers worldwide. The move is part of the U.S. government’s efforts to identify and sanction cyber criminals and their supporters, as well as to deter future malicious cyber activities.
North Korea’s Lazarus hacking group has been a concern for the Department of Foreign Asset Control (OFAC), which recently coordinated with South Korea to sanction three individuals who provided material support to the Lazarus hacking group. OFAC said in its report that the Lazarus Group is connected to illicit financing and cyber activity, supporting the North Korean regime’s development of weapons of mass destruction (WMD) and ballistic missile programs.
OFAC alleges that the stolen cryptocurrency is converted to fiat through networks of North Korean and Chinese over-the-counter traders (OTC) that North Korea often uses to conduct transactions on their behalf to avoid detection by financial institutions or competent authorities. North Korean actors stole nearly $1.7 billion in virtual currency through hacking in 2022, said OFAC, citing public records. Therefore, it is crucial to stop the flow of funds through these channels.
Wu Huihui was sanctioned by OFAC in connection with providing material assistance to the Lazarus Group, and Cheng Hung Man was also added to the sanctions list for aiding Wu. Meanwhile, Sim Hyon Sop, who acted on behalf of Korea Kwangson Banking Corp, an entity previously connected with providing financial services to entities proliferating WMD, was also sanctioned. OFAC alleges that Sim received cryptocurrency from North Korean nationals fraudulently performing IT work abroad. In turn, Sim is said to have directed OTC traders, such as Wu and Cheng, to send funds to front companies that used them for goods, including tobacco and communication devices.
Now that Sim, Wu, and Cheng have been sanctioned, all of the trio’s property and interests therein are blocked by OFAC. Any person or financial institution that engages in certain transactions or knowingly provides “significant financial services” to them could also find themselves on OFAC’s sanctions list.
North Korea’s cyber activities threaten international security, especially since it has already launched three intercontinental ballistic missiles this year. Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson noted that North Korea’s illicit activities to generate revenue using virtual currency for the regime’s unlawful WMD and ballistic missile programs must be stopped.
– OFAC Sanctions Three Individuals for Supporting North Korea’s Lazarus Hacking Group
– North Korea’s Cyber Activities To Be Thwarted By Sanctions