Keep knowledgeable with free updates
Merely signal as much as the Cyber Safety myFT Digest — delivered on to your inbox.
US authorities are turning the screws on a sprawling felony community accused of utilizing stolen cryptocurrencies to fund North Korea’s nuclear weapons programme.
A gaggle below sanctions and linked to North Korea allegedly stole about $620mn in a cryptocurrency hack in 2022, US prosecutors intend to point out in an upcoming trial, illustrating its attain in digital foreign money. The US Treasury division lately mentioned it could blacklist a Cambodian monetary conglomerate for allegedly laundering stolen digital foreign money for the shadowy group.
The efforts are the most recent to give attention to the actions of the Lazarus Group, which US authorities suspect of pilfering billions of {dollars} over virtually 20 years to fund the North Korean regime’s nuclear programme.
Prosecutors and defence attorneys are clashing over how a lot of the proof within the cash laundering case, involving a crypto service known as Twister Money, might be proven to jurors, court docket filings present. Defence attorneys are looking for to dam references to the Lazarus Group from the trial, saying it could be unfair to the defendant. Prosecutors allege the crypto pockets that the stolen funds went into was linked to the group.
The Lazarus Group has been related to a number of the most notorious digital heists in latest historical past, together with the theft of $81mn from Bangladesh’s account on the Federal Reserve Financial institution of New York, the worldwide “WannaCry” ransomware assault and the cyber assault on Sony Photos in retaliation for its manufacturing of the film The Interview.
The US positioned the group under sanctions in 2019.
An enforcement unit of the Treasury division has additionally lately taken goal at Lazarus, noting it has used the Cambodia-based Huione Group, a banking conglomerate, to launder $4bn in stolen digital funds.
“Huione Group serves as a crucial node for laundering proceeds of cyber heists carried out by the Democratic Folks’s Republic of Korea,”
FinCEN mentioned, including it could sever Huione’s entry to the US monetary system.
In 2023, the justice division charged Roman Storm, a co-founder of Twister Money, which obscured the historical past of blockchain transactions, with knowingly facilitating the laundering of greater than $1bn in felony proceeds through his platform.
Storm and different Twister Money co-founders, prosecutors alleged, believed the Lazarus Group was accountable for hacking the Ronin Network underpinning Axie Infinity, a blockchain-based online game. The co-founders additionally allegedly thought the funds could be used for North Korea’s programme for weapons of mass destruction, the DoJ added.
Legal professionals for Storm, who has pleaded not responsible and can face trial this month, mentioned the Lazarus Group references ought to be blocked for lack of proof and relevance, in line with court docket filings.
They mentioned Storm was not charged with hacking, “neither is he alleged to have conspired with or have any ties to the Lazarus Group”, in line with a court docket submitting.
The justice division additionally charged one other Twister Money co-founder, Roman Semenov, who stays at massive.
A lawyer representing Storm declined to remark.
North Korea has turn out to be a number one power in worldwide cyber crime, with US regulation enforcement treating it as one of many main international cyber threats alongside Russia, China and Iran. The regime is believed to misappropriate digital belongings to assist its illicit programmes for ballistic missiles and weapons of mass destruction, in line with the US Treasury.
“Lazarus Group has repeatedly victimised each the customers and builders of digital belongings applied sciences for functions of funding the DPRK regime’s malign actions,” the justice division mentioned in an announcement.
Victor Cha, president of the geopolitics and international coverage division and Korea chair on the Middle for Strategic and Worldwide Research, mentioned North Korea’s estimated haul of $1.34bn in stolen cryptocurrency final 12 months was a “document”, resulting in “issues about proceeds getting used for weapons proliferation financing”.