The US Treasury Department has imposed sanctions on three individuals allegedly involved with the North Korean-linked Lazarus Group. The group is accused of engaging in cyber attacks and other illicit activities to fund Pyongyang’s nuclear and missile programs. The sanctions prohibit US citizens from engaging in transactions with the designated individuals and freeze any assets they hold under US jurisdiction. This move is part of the US’s ongoing efforts to target North Korean cyber crime and disrupt the regime’s illicit revenue streams.
The United States Department of the Treasury has imposed sanctions on three individuals who facilitated the laundering of stolen cryptocurrency to fund the Democratic People’s Republic of Korea’s (DPRK) illicit weapons of mass destruction (WMD) and ballistic missile programs. The Lazarus Group, a notorious hacking group, was behind the cryptocurrency theft worth $1.7 billion in 2022. The Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on two over-the-counter (OTC) traders, Wu Huihui and Cheng Hung Man, based in the People’s Republic of China and Hong Kong, respectively. OFAC also sanctioned Sim Hyon Sop, who worked for the Korea Kwangson Banking Corp., which was previously designated for providing financial services in support of two other institutions that were sanctioned for proliferating WMD. Wu facilitated the conversion of stolen crypto worth millions of dollars into fiat in 2021 for Lazarus Group, while Cheng assisted Wu.
Sim coordinated financial transfers for the DPRK and directed Wu and Cheng, along with other OTC traders, to transfer stolen crypto to front companies for buying goods, including tobacco and communication devices, in fiat currency on behalf of the DPRK. Following the OFAC sanctions, the properties of Wu, Cheng, and Sim have been blocked, and individuals or foreign institutions that have conducted certain transactions with the designated individuals also face the risk of being sanctioned. The DPRK’s Reconnaissance General Bureau (RGB), the country’s primary intelligence organization, controls Lazarus Group. The hacker group is infamous for numerous hacking incidents in the crypto industry. Lazarus Group was responsible for the largest-ever crypto hack involving the Ronin Network, which led to a loss of $620 million.
In February 2023, Chainalysis reported that the cybercriminal group stole approximately $1.7 billion worth of cryptocurrency in 2022. The DPRK’s use of illicit facilitation networks threatens international security, as the regime uses them to access the international financial system and generate revenue in virtual currency for its WMD and ballistic missile programs. The OFAC announcement specifies that DPRK actors frequently use these networks of OTC traders, including those based in the PRC, to conduct transactions on their behalf to avoid detection by financial institutions or competent authorities.