The U.S. has sanctioned three North Korean entities for cyber crimes, mentioning cryptocurrency thefts as one of the reasons for the action.
In a Sept. 13 announcement, the U.S. Department of the Treasury identified the Lazarus Group, Bluenoroff and Andariel as entities now on its the sanctions list, who are believed to be responsible for the theft of $571 million worth of cryptos from five exchanges in Asia in 2017 and 2018.
The announcement comes just days after the North said that it would be holdings its second cryptocurrency-related conference, inviting the community to share information and do deals next February in Pyongyang.
The Treasury department said the stolen funds, including coins from cryptocurrency exchanges, are believed to have been used in the development of nuclear weapons and ballistic missiles.
As a result of the designation, all assets owned or controlled by any of the three entities are now blocked and must be reported to Office of Foreign Assets Control (OFAC). The announcement said that "U.S. persons," which broadly includes citizens, residents and companies incorporated in the U.S., are generally prohibited from dealing with the blocked entities. Anyone violating the sanctions could themselves be subject to designation by the Treasury.
Further, any financial institution in any country that deals with the blocked entities could lose their correspondent banking relationships with U.S. financial institutions, essentially locking them out of the dollar market.
Lazarus, which is the parent of the other two groups and also known as Apple Worm and Guardians of Peace, was involved in the WannaCry 2.0 ransomware attacks of 2017, the announcement added.
Bluenoroff, which came to the attention of security companies in 2014 and is sometimes known as APT38 or Stardust Chollima, has stolen funds from financial institutions, including $80 million from the Central Bank of Bangladesh, and has targeted cryptocurrency exchanges.
Andariel was first noticed by the internet security community in 2015 and is also attempting to engage in theft and sow confusion. It was said to be responsible for a 2016 hack into the personal computer of the South Korean Defense Minister.
All three groups are controlled by North Korea and related to the Reconnaissance General Bureau (RGB), according to the announcement.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.