Key takeaways:
- The Office of Foreign Assets Control of the U.S. Treasury has placed sanctions against a number of addresses linked to cybercrime in North Korea.
- Binance said it “assisted U.S. law enforcement” in seizing $4.4 million in cryptocurrency belonging to North Korean cybercrime syndicates.
On May 23, multiple addresses connected to North Korean cybercrime were sanctioned by the Office of Foreign Assets Control (OFAC) of the U.S. Treasury.
The Democratic People’s Republic of Korea (DPRK) Government was supported by four entities and one person that were sanctioned by the Department of the Treasury’s OFAC, according to a statement released on May 23.
The Chinyong Information Technology Cooperation Company, the 110th Research Centre, the Technical Reconnaissance Bureau, and the Pyongyang University of Automation were the four entities.
The Treasury estimates that Chinyong maintains a workforce of thousands of highly qualified I.T. professionals responsible for producing income for the organization’s illegal WMD and ballistic missile programs.
These workers apply for overseas I.T. employment, such as tech and crypto-related jobs, using false or stolen identities, and then they use cryptocurrency exchanges to remit the money back to the DPRK.
Kim Sang Man, a citizen of North Korea, was involved in cybercrimes and fraudulent I.T. worker hiring schemes that brought in money for the country’s military and government. As a result, OFAC sanctioned six of his crypto addresses. OFAC reported that, as recently as 2021, Kim had collected more than $2 million in cryptocurrency from I.T. professionals. However, it was unclear if this represented all pertinent funds.
The Binance Investigations team collaborated with law enforcement in the U.S. to thwart the “illicit revenue generation activities” of four now-sanctioned entities in North Korea, according to a thread on Twitter from May 25.
The Technical Reconnaissance Bureau, which runs several departments, including those connected to the Lazarus Group, is said to be the DPRK’s leader in developing offensive cyber strategies and techniques.
In recent years, The Lazarus Group has embraced several cryptocurrency and blockchain initiatives. It is thought to have been behind the $625 million Ronin Bridge breach on Axie Infinity in March 2022.
Changpeng Zhao, the CEO of Binance, announced in late April that the company had acquired $5.8 million back from the Lazarus Group after discovering some of the illicit earnings traveling around the exchange.
A recent article from Reuters revealed that Binance regularly mixed corporate revenue with consumer funds, particularly in accounts kept at the now-defunct Silvergate Bank, based on information from three insiders acquainted with the company’s finances. The report stated that billions of dollars were mixed up in this transaction. However, the exchange has categorically refuted charges that customer funds were mixed with corporate earnings, which might have violated U.S. banking laws requiring the segregation of consumer cash.
