The United States has charged three North Korean computer programmers with a massive hacking spree aimed at stealing more than $1.3 billion in money and cryptocurrency, affecting companies from banks to Hollywood movie studios, the Department of Justice said Wednesday.
The indictment alleges that Jon Chang Hyok, 31, Kim Il, 27, and Park Jin Hyok, 36, stole money while working for North Korea's military intelligence services. Park had previously been charged in a complaint unsealed in 2018.
Kristi Johnson, the FBI assistant director in charge of the Los Angeles Field Office, said in a telephone news briefing that all three were believed to be in North Korea. The North Korean mission to the United Nations in New York did not immediately respond to requests for comment and contact details for the trio couldn't immediately be found.
The Justice Department said the hackers were responsible for a wide range of criminal activity and high-profile intrusions, including a retaliatory November 2014 attack on Sony Pictures Entertainment for producing "The Interview," which depicted the assassination of North Korea's leader.
The group is alleged to have targeted the staff of AMC Theaters and broken into computers belonging to Mammoth Screen, a U.K. film company that was working on a drama series about North Korea.
The Justice Department also alleged that the trio participated in the creation of the destructive WannaCry 2.0 ransomware – which hit Britain's National Health Service particularly hard when it was set loose in May 2017.
The indictment pins the blame on the hackers for breaking into banks across South and Southeast Asia, Mexico, and Africa by breaking into the financial institutions' networks and abusing the SWIFT protocol, and deploying malicious applications from March 2018 through September 2020 targeting cryptocurrency applications.
The overall amount of money stolen by the hackers isn't clear because in some cases the thefts were either halted or reversed. But the figures are significant. In one 2016 heist alone – at the Bangladesh Bank – the hackers are alleged to have made off with $81 million.
Overall, North Korea has generated an estimated $2 billion using "widespread and increasingly sophisticated" digital intrusions at banks and cryptocurrency exchanges, according to a U.N. report in 2019 by independent experts monitoring international sanctions on Pyongyang.
"According to one member state, the (Democratic People's Republic of Korea) DPRK total theft of virtual assets, from 2019 to November 2020" was approximately $316.4 million, the report said.
Officials said Wednesday that a Canadian-American citizen has separately pleaded guilty to laundering some of the alleged hackers' money.
The indictment was filed under seal on Dec. 8, 2020, and unsealed in a federal court in Los Angeles Wednesday.
Although the three alleged hackers work for the North Korean government, the United States alleges they have been stationed at times in various other countries, including China and Russia.
