The United States authorities have sanctioned two Chinese nationals on March 2 and accused them of laundering more than $100 million in cryptocurrency which was stolen in the cyberattack linked to North Korea in 2018. The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) said in the official statement that it designated Tian Yinyin and Li Jiadong for having “materially assisted” the cyber intrusion linked to "Lazarus" Group, which is a US-designated North Korean state-sponsored malicious cyber group.
According to the official website, US Treasury Secretary Steven T Mnuchin“The North Korean regime has continued its widespread campaign of extensive cyber-attacks on financial institutions to steal funds. The United States will continue to protect the global financial system by holding accountable those who help North Korea engage in cyber-crime.”
Treasury sanctions individuals laundering cryptocurrency for Lazarus Group. https://t.co/toQLOHy1pY— Treasury Department (@USTreasury) March 2, 2020
The US Treasury Department has stated that both Tian and Li received approximately $91 million from North Korean controlled accounts that were stolen in an April 2018 hack of a cryptocurrency exchange as well as an additional $9.5 million from a hack of another exchange. According to the official website, the Democratic People's Republic of Korea “trains cyber actors to target and launder stolen funds from financial institutions”. Moreover, both Chinese nationals transferred the money among the addresses they had held resulting in the obfuscation of the origin of the funds.
As a result of US OFAC's action, all property and interests of Tian and Li that are in the United States or in the possession or control of the American people will be blocked and reported to the officials. The authorities have further prohibited the two Chinese nationals from all deals by the US persons or within America that involve any property or interests in property of blocked persons.
Other than North Korean group called Lazarus, on September 13, 2019, has identified other hacking groups including “Bluenoroff,” and “Andariel” as agencies, instrumentalities, or controlled entities of the Government of North Korea. According to the official website, “North Korea’s malicious cyber activity is a key revenue generator for the regime, from the theft of fiat currency at conventional financial institutions to cyber intrusions targeting cryptocurrency exchanges.”