Park Jin Hyok of Lazarus Group

If half these allegations are true, he must be one of the most powerful and fearsome cyberwarriors in the whole world. I wonder if he'll ever write his memoirs, if we'll ever know his story.

https://www.japantimes.co.jp/news/2019/09/14/asia-pacific/u-s-sanctions-north-korean-hackers-swift-hack-wannacry-cyberattacks-fund-weapons-programs/

(...)

The Treasury Department said Friday the hacking groups are commonly known as Lazarus Group, Bluenoroff and Andariel. The groups are controlled by North Korea’s primary intelligence bureau, Treasury said in a statement.

(...)

The Justice Department in 2018 filed criminal charges against a North Korean national who it alleged belonged to the Lazarus Group. The person, Park Jin Hyok, was charged with crimes stemming from the 2014 hack on Sony Pictures Entertainment and the 2017 WannaCry ransomware operation, which Treasury called on Friday “the biggest known ransomware outbreak in history.” The Treasury Department simultaneously imposed sanctions against Park and his employer.

In the WannaCry attack, the Lazarus Group was involved in infecting computers with malicious software that encrypted data and demanded ransom payments from users to be released. The attack shut down roughly 300,000 computers in at least 150 countries, with one of the victims — the United Kingdom’s National Health Service — losing $112 million, according to the Treasury.

The cyberattack on Sony Pictures was seen at the time as representing a new, aggressive type of hacking because Lazarus Group hackers crippled computers, deleted data and released embarrassing internal emails in retaliation for the company’s film “The Interview,” a comedy about a Central Intelligence Agency plot to kill Kim.

(...)

The new sanctions also targeted two subgroups within Lazarus, which are known in the private sector as Bluenoroff and Andariel.

The Bluenoroff group within Lazarus “conducts malicious cyber activity in the form of cyber-enabled heists against foreign financial institutions on behalf of the North Korean regime to generate revenue, in part, for its growing nuclear weapons and ballistic missile program,” in the face of increased global sanctions, according to the Treasury statement. It cited private-sector and press reports that the group had attempted to steal $1.1 billion from financial institutions.

The second group within Lazarus that was targeted by Treasury on Friday was Andariel, which “focuses on conducting malicious cyber operations on foreign businesses, government agencies, financial services infrastructure, private corporations, and businesses, as well as the defense industry” including by hacking ATMs and hacking South Korean government and military targets for intelligence gathering, according to Treasury, which cited private-sector reporting....