The U.S. State Division has introduced rewards of as much as $10 million for any data that might assist disrupt North Korea’s cryptocurrency theft, cyber-espionage, and different illicit state-backed actions.
“When you’ve got data on any people related to the North Korean government-linked malicious cyber teams (similar to Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who’re concerned in concentrating on U.S. vital infrastructure in violation of the Laptop Fraud and Abuse Act, chances are you’ll be eligible for a reward,” the division mentioned in a tweet.
The quantity is double the bounty the company publicized in March 2022 for specifics relating to the monetary mechanisms employed by state-sponsored actors engaged on behalf of the North Korean authorities.
The event comes every week after the Justice Division disclosed the seizure of $500,000 price of Bitcoin from North Korean hackers who extorted digital funds through the use of a brand new ransomware pressure often known as Maui.
The menace actor, tracked underneath the umbrella moniker Lazarus Group (aka Hidden Cobra or APT38), is thought to goal blockchain corporations and conduct financially-driven crime by rogue cryptocurrency pockets apps. Andariel and Bluenoroff are mentioned to be subgroups throughout the bigger Lazarus cluster.
Blockchain analytics agency Chainalysis in a report earlier this 12 months linked the Lazarus Group to seven assaults directed towards cryptocurrency platforms in 2021, stealing roughly $400 million price of digital belongings within the course of.
It has additionally been implicated within the hacks of Axie Infinity’s Ronin Community Bridge and Concord Horizon Bridge in latest months, ensuing within the theft of a whole bunch of thousands and thousands of {dollars} in digital currencies.
Earlier this month, Microsoft warned {that a} North Korean exercise cluster it calls DEV-0530 has been utilizing a customized ransomware pressure dubbed H0lyGh0st to efficiently compromise small companies in a number of international locations.
Cyber-enabled monetary theft and cash laundering, ransomware, cryptojacking, and extortion operations are a part of Pyongyang-aligned hackers’ tactical playbook to generate unlawful income whereas mitigating the influence of sanctions.
“The North Korean authorities — formally often known as the Democratic Individuals’s Republic of Korea (DPRK) — employs malicious cyber exercise to gather intelligence, conduct assaults, and generate income,” the U.S. Cybersecurity and Infrastructure Safety Company (CISA) notes in its advisory.
“North Korea has carried out cyber theft towards monetary establishments and cryptocurrency exchanges worldwide, doubtlessly stealing a whole bunch of thousands and thousands of {dollars}, in all probability to fund authorities priorities, similar to its nuclear and missile packages.”
