U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

U.S. sanctions North Korea bankers and firms accused of laundering cybercrime funds used to finance the country’s nuclear weapons program.

The U.S. Government has imposed sanctions on several North Korea bankers, financial institutions, and individuals accused of laundering funds obtained from cybercrime operations. According to the U.S. Treasury Department, these illicit financial activities directly support North Korea’s nuclear weapons and ballistic missile programs, further destabilizing global security.

North Korea-linked threat actors have stolen over $3 billion in digital assets in the past three years through malware and social engineering attacks, according to a report published by the U.S. Treasury.

“The Government of the DPRK relies on a broad range of illicit activity, including cybercrime, to generate revenue for its WMD and ballistic missile programs and explicitly tasks its hackers to raise revenue using illicit methods.” reads the report published by the U.S. Treasury. ” DPRK cyber actors are responsible for conducting high-level cyber-enabled espionage, disruptive cyberattacks, and financial theft at a scale unmatched by any other country.  Over the past three years, North Korea-affiliated cybercriminals have stolen over $3 billion, primarily in cryptocurrency, often using sophisticated techniques such as advanced malware and social engineering. “

The government of Pyongyang built advanced cyber capabilities rivaling China and Russia, posing major global threats.

The U.S. Treasury Department sanctioned two North Korean financial institutions and eight individuals involved in laundering cryptocurrency.

OFAC sanctioned North Korea’s Ryujong Credit Bank and several individuals for laundering money and evading sanctions via China and Russia, linking funds to ransomware and IT operations abroad.

The U.S. Treasury also sanctioned Korea Mangyongdae Computer Technology Company (KMCTC) and its president, U Yong Su, for running IT workers in China, and two bankers, Jang Kuk Chol and Ho Chong Son, for managing ransomware-linked funds for First Credit Bank. Five more North Korean representatives in Russia and China were designated for enabling illicit transactions worth tens of millions of dollars.

“Today, the United States sanctioned two entities and eight individuals involved in supporting the Democratic People’s Republic of Korea’s (DPRK) illicit schemes to launder funds, including those derived from cybercrime and information technology (IT) worker fraud.” reads the report published by the U.S. Treasury. “Included in today’s action are Ryujong Credit Bank, a North Korea-based financial institution that provided financial assistance to sanctions- evasion activities between China and North Korea, as well as a North Korea-based IT company that operates IT workers in China, Korea Mangyongdae Computer Technology Company and its president U Yong Su.”

All assets of sanctioned individuals in the U.S. or under U.S. control are frozen and must be reported to OFAC. U.S. persons are barred from transactions involving them unless authorized. Entities owned 50% or more by blocked persons are also restricted. Financial institutions dealing with sanctioned parties risk penalties or enforcement actions.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, North Korea)