The United States Department of Treasury sanctioned three individuals who helped the notorious hackers Lazarus Group to process the conversion of stolen cryptocurrency to fiat, allegedly for the funding of the Democratic People’s Republic of Korea’s (DPRK) illicit weapons of mass destruction (WMD) and ballistic missile programs.
An earlier report by Chainalysis claimed that Lazarus Group was responsible for crypto theft worth about $1.7 billion in 2022.
3 China-based OTC Traders Face OFAC Sanctions
The Office of Foreign Assets Control (OFAC) under the Department of Treasury designated sanctions to two over-the-counter (OTC) traders Wu Hiuhui, based in the People’s Republic of China, and Cheng Hung Man, based in Hong Kong.
The OFAC also sanctioned Sim Hyon Sop, who recently relocated to China and worked for the Korea Kwangson Banking Corp., an entity that was previously designated for offering financial services support to two other institutions which were sanctioned for proliferating weapons of mass destruction.
As stated in a press release, Wu facilitated the conversion of stolen crypto worth millions of dollars into fiat in 2021 for Lazarus Group, while Cheng assisted Wu by remitting payments to companies to receive cryptocurrency. The PR reads:
“Frequently, DPRK actors use these networks of OTC traders, including People’s Republic of China (PRC)-based OTC traders, to conduct transactions on their behalf to avoid detection by financial institutions or competent authorities.”
Sim, on the other hand, “coordinated millions of dollars in financial transfers for the DPRK,” with the Treasury Department stating that the bank official received funds from information technology workers who fraudulently obtained jobs abroad.
Also, Sim directed Wu and Cheng, along with other OTC traders, to transfer stolen crypto to front companies who will, in turn, pay for goods, including tobacco and communication devices, in fiat on behalf of the DPRK.
Following the OFAC sanctions, properties belonging to Wu, Cheng, and Sim are blocked, and individuals or foreign institutions who have conducted certain transactions with the designated people could also risk being sanctioned.
A statement from Brian E. Nelson, Under Secretary of the Treasury for Terrorism and Financial Intelligence, said:
“The DPRK’s use of illicit facilitation networks to access the international financial system and generate revenue using virtual currency for the regime’s unlawful weapons of mass destruction(WMD) and ballistic missile programs directly threatens international security.”
Lazarus Group Controlled by NK’s Intelligence Bureau
Meanwhile, the OFAC announcement noted that Lazarus Group is under the DPRK’s Reconnaissance General Bureau (RGB), the country’s primary intelligence organization. The hacker group is notorious for several hack incidents in the crypto industry.
Lazarus Group has been said to be behind the largest-ever crypto hack involving the Ronin Network, which saw a loss of $620 million. A report by blockchain security outfit Chainalysis in February 2023 stated that the cybercriminal group stole about $1.7 billion worth of cryptocurrency in 2022.