US sanctions against 3 North Korean cyber groups accused of targeting financial institutions and crypto exchanges

The US shares a complicated relationship with North Korea and it is getting, even more, complex. The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced on Friday, sanctions against three North Korean hacking groups accused of attacking important institutions, malicious cyber-attacks and stealing millions from cryptocurrency exchanges to financial institutions.

The three notorious groups in question are identified as Lazarus Group, Bluenoroff, and Andariel- are allegedly controlled by North Korea’s primary intelligence bureau, Reconnaissance General Bureau [RGB]. Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence said:

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs. We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.”

According to the cybersecurity firms, Bluenoroff targeted over 16 organizations across 11 countries through phishing and backdoor intrusions. This included SWIFT messaging system, financial institutions, and cryptocurrency exchanges. The groups have reportedly purloined a sum of $571 million in crypto from five exchanges in Asia between January 2017 and September 2018.

The Department wrote:

“In addition to malicious cyber activities on conventional financial institutions, foreign governments, major companies, and infrastructure, North Korea’s cyber operations also target Virtual Asset Providers and cryptocurrency exchanges to possibly assist in obfuscating revenue streams and cyber-enabled thefts that also potentially fund North Korea’s WMD and ballistic missile programs.”