DOJ Reveals New Charges Against North Korean Computer Programmers

2 min read

WASHINGTON — Criminal charges have been filed against three North Korean government-employed computer programmers stemming from a wide-ranging spree of global cyber attacks including the 2014 Sony attack and the attempted theft of over $1.3 billion.

John Demers, the Assistant Attorney General for National Security, announced the charges during a press call on Wednesday. He said that monitoring malicious activity from North Korea is going to require “global awareness, condemnation, and cooperative disruption.”

“With this indictment and related disruptions, the United States continues to do its part,” Demers said. 

The Grand Jury indictment adds two new North Korean defendants to an earlier case brought forward in 2018. Prosecutors identified the men as members of a North Korean military intelligence agency known as the Reconnaissance General Bureau.

The men are alleged to have acted on behalf of Kim Jong Un and DRPK in order to further the regime’s financial interests. The defendants worked remotely from locations including China and Russia. The Bureau is headquartered in Pyongyang, North Korea’s capital.

The new defendants unveiled in the indictment are Jon Chang Hyok, aka Alex Jiang, and Kim Il, who went by the aliases of Tony Walker and Julien Kim.

None of the men are currently in custody, nor do they reside in the US. All three defendants are currently at large.

According to the indictment, the hackers were a part of a $1.3 billion cybertheft scheme and global sweeping campaign including a targeted attack on Sony Pictures in 2014 in retaliation for the movie “The Interview,” a critical film which depicted an assassination of Kim Jong Un.

The cybertheft scheme included the theft of approximately $81 million from a Bangladeshi bank, the 2017 WannaCry attack which impacted computer systems in 150 countries, and phishing campaigns targeting Department of Defense employees.

In order to execute the attacks, the programmers created fake websites complete with malware programs disguised as cryptocurrency software. Once downloaded, the programs would grant the men remote access to the victim’s computer.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.