Ministry of Finance and Ministry of Justice The United States imposed sanctions and charged in absentia with two Chinese citizens. Tian Yinin and Li Jiadong are accused of helping North Korean hackers launder the cryptocurrency stolen during the hacking of two cryptocurrency exchanges.
According to officials, the defendants acted as intermediaries and money mules for the North Korean hacker group Lazarus. Let me remind you that last year Lazarus became one of the three North Korean groups that the US authorities accused of embezzling funds for the Pyongyang regime in order to finance military programs.
According to investigators, hackers are helping North Korea bypass international sanctions by stealing money through the use of ransomware, hacking banks, ATM networks, gambling sites, online casinos and cryptocurrency exchanges. Funds stolen in this way are returned to North Korea using cryptocurrencies, money mules and Chinese banks.
It is reported that Tian Yinin and Li Jiadong received stolen funds and then laundered this money, converting it into Chinese paper currency (yuan) or into Apple gift cards, which could then be used without reference to the stolen cryptocurrency.
The stolen funds came from DPRK-controlled accounts. The largest amount received, $ 91 million, was stolen as a result of hacking an unnamed cryptocurrency exchange in April 2018. The defendants also received $ 9.5 million stolen from a second unnamed exchanger. As a result, according to US authorities, Tien and Li helped launder more than $ 34 million by converting the funds into RMB, which were then deposited into a bank account in China. Another 1.4 million dollars in bitcoins were converted into Apple gift cards.
Although the names of the affected exchanges were not disclosed, it is known that the first exchange (hacked in April 2018) lost about $ 250 million as a result of this attack, that is, it was one of the largest cryptocurrency hacks in history. This is probably the incident described in the Kaspersky Lab report in the summer of 2018. Then, investigating the activities of the malware for macOS, AppleJeus, the researchers also mentioned the hacking of a large cryptocurrency exchange that occurred in early 2018.