The United States is stepping up its game against North Korea’s illicit activities, particularly those involving cryptocurrency.
Recent reports reveal that the US has imposed sanctions on two individuals and one entity based in the United Arab Emirates that are believed to be front companies for the North Korean government.
How it works
These funds are reportedly sourced from cybercrimes and IT workers, contributing to North Korea’s controversial weapons of mass destruction and ballistic missile programs.
The two men named in the sanctions, Lu Huaying and Zhang Jian, used a UAE-based company called Green Alpine Trading LLC to carry out these operations.
As a result of the sanctions, their US assets are frozen, and Americans are prohibited from doing business with them.
The US Treasury Department emphasized the critical role these illegal networks play in funding North Korea’s military ambitions.
Bradley Smith, acting Under Secretary for Terrorism and Financial Intelligence, stated,
“As the DPRK continues to use complex criminal schemes to fund its WMD and ballistic missile programs—including through the exploitation of digital assets—Treasury remains focused on disrupting the networks that facilitate this flow of funds to the regime.”
The crypto connection
North Korean hackers have become notorious in the crypto world, being linked to a significant number of hacks across the industry.
According to the South Korean Yonhap News Agency, North Korean cyber activities now account for about 50% of the country’s foreign currency earnings. Much of this money is funneled into funding military programs.
Hackers’ methods are evolving
Despite ongoing efforts from regulators and crypto platforms to combat these cybercriminals, hackers are constantly upgrading their tactics.
Recently, North Korean hackers have become adept at impersonating executives or recruiters from crypto companies.
For instance, a member of the infamous Lazarus Group posed as an executive at Fenbushi Capital, a Chinese blockchain asset management firm.
🚨Watch out for the #Lazarus 🥷🇰🇵 attack on the fake Fenbushi Capital on linkedin! @fenbushi @SlowMist_Team @boshen1011 @VitalikButerin 👇 pic.twitter.com/cAjAcPqkNj
— 23pds (山哥) (@im23pds) April 29, 2024
They used platforms like LinkedIn to trick unsuspecting users into clicking malicious links, giving them access to sensitive information.
