Pages:
Author

Topic: 2 Chinese charged with laundering money from exchange hack - page 2. (Read 309 times)

legendary
Activity: 3248
Merit: 1402
Join the world-leading crypto sportsbook NOW!
It's good that the criminals finally got caught. Money laundering is something often put forth as an argument against Bitcoin, so it's important to distinguish casual Bitcoin users from people using it for their dirty business. I wonder what will happen to all that money. It's seized by the government now that these people are caught, right? Or is it just that the addresses are known but access is not granted? It seems from the report that at least some funds are seized. I wonder why in these situations the US government doesn't return the money to people who filed official complaints about being scammed. Auctions don't seem like a perfect solution in this situation to me.
full member
Activity: 1470
Merit: 148
This can be related to the sanctions from USA to North Korea, they're finding other means to get out of the sanctions laid on them. Hope North Korea understand their movement as the group can be use against them in the future. For them to opening involved in training hackers at such level told us how desperate they're to embark on their Nuclear Weapons agendas, this huge sum of money can be use to fund some illicit projects against mass destruction. I wonder why the Chinese citizen joined in this mess because they will face the music squarely according to law. 
legendary
Activity: 2576
Merit: 1860
[snip]

Something tells me that these North Koreans couldn't have made this hack successful if not with the assistance of experts from other countries. This launder attempt by Chinese individuals in behalf of the North Korean hackers who stole the funds speaks of possible connections other than this one. They could have been partners way back then. A hundred million USD won't be entrusted to these Chinese for laundering if they were not very trusted individuals.

I have serious doubts that ordinary North Koreans can pull off such huge operation all by themselves. It is either they are connected to their government itself or at least supported by certain powerful persons inside or they have the backing of foreign nationals, probably Chinese, who are knowledgeable enough about such operations.

They have the Lazarus Group, which believed to be state sponsored cyber criminals group inside North Korea. They have stage a lot of online hackers, prior to targeting South Korean exchanges, or any crypto related exchanges for that matter. So North Korea alone is very capable to pull this kind of heist specially against their nemesis.

But they colluded with the Chinese identified in the indictment to launder $100 million out of the $250 million they have stolen. So obviously, there are connections amongst thieves.

North Korean hackers are learning a lot from their mentors who are outside their hermit kingdom. It seems that they are now capable of standing on their own feet.

From the link you have given:

Quote
North Korean hackers are sent vocationally to Shenyang, China for special training. They are trained to deploy malware of all types onto computers, computer networks, and servers. Education domestically includes the Kim Chaek University of Technology and Kim Il-sung University.

From students of China, North Koreans are now not only capable of learning the skills, they are also offering them in their own universities. As you've said, state-sponsored. It seems the country is not only developing nuclear weapons, they are also raising an army of hackers.
legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
It didn't mentioned the exchange, but I will assume that it is a South Korean exchange, which they frequently targeted.

This wording implies by omission that there were multiple exchanges hacked, not all of which were South Korean:

Quote
According to the pleadings, in 2018, North Korean co-conspirators hacked into a virtual currency exchange and stole nearly $250 million worth of virtual currency.
Quote
The pleadings further allege that between December 2017 and April 2019, Yinyin and Jiadong laundered over $100 million worth of virtual currency, which primarily came from virtual currency exchange hacks.
Quote
The pleadings further allege that the North Korean co-conspirators are tied to the theft of approximately $48.5 million worth of virtual currency from a South Korea-based virtual currency exchange in November 2019.

As far as 2018 hacks go, BitGrail claimed to have been hacked for $195 Million of XRB. Coincheck for $530 Million of NEM. The $250 million number doesn't ring any bells.

The 2019 hack was obviously Upbit:
Quote
Upbit is the latest hacking victim after losing $49 million at 9:00 UTC on November 26, 2019. An "abnormal transaction" resulted in a 342,000 ether loss in a few minutes. The exchange said that the loss didn't come from user funds and that it has suspended all functions for at least two weeks.

It's strange that they unsealed the indictment without naming any of the exchanges.
hero member
Activity: 2632
Merit: 833
[snip]

Something tells me that these North Koreans couldn't have made this hack successful if not with the assistance of experts from other countries. This launder attempt by Chinese individuals in behalf of the North Korean hackers who stole the funds speaks of possible connections other than this one. They could have been partners way back then. A hundred million USD won't be entrusted to these Chinese for laundering if they were not very trusted individuals.

I have serious doubts that ordinary North Koreans can pull off such huge operation all by themselves. It is either they are connected to their government itself or at least supported by certain powerful persons inside or they have the backing of foreign nationals, probably Chinese, who are knowledgeable enough about such operations.

They have the Lazarus Group, which believed to be state sponsored cyber criminals group inside North Korea. They have stage a lot of online hackers, prior to targeting South Korean exchanges, or any crypto related exchanges for that matter. So North Korea alone is very capable to pull this kind of heist specially against their nemesis.

But they colluded with the Chinese identified in the indictment to launder $100 million out of the $250 million they have stolen. So obviously, there are connections amongst thieves.
legendary
Activity: 2576
Merit: 1860
I still find it amazing how NoKor keeps on pulling the strings to make their moves outside their country and not get caught sooner. Their relationship with large banks and other organizations/institutions is unbelievable too, so much that they managed to amass hundreds of millions of dollars through illegal activity without hitting any red flags. That's why I always look up to the North Koreans as extremely cunning and dangerous even though their country is deprived of anything to the outside world. Good thing their moves are snooped by the authorities even though they initially used bitcoin to cover tracks first. I just wonder what certain cryptocurrency ezchange are they talking about anyway?

Something tells me that these North Koreans couldn't have made this hack successful if not with the assistance of experts from other countries. This launder attempt by Chinese individuals in behalf of the North Korean hackers who stole the funds speaks of possible connections other than this one. They could have been partners way back then. A hundred million USD won't be entrusted to these Chinese for laundering if they were not very trusted individuals.

I have serious doubts that ordinary North Koreans can pull off such huge operation all by themselves. It is either they are connected to their government itself or at least supported by certain powerful persons inside or they have the backing of foreign nationals, probably Chinese, who are knowledgeable enough about such operations.
legendary
Activity: 2898
Merit: 1823
I still find it amazing how NoKor keeps on pulling the strings to make their moves outside their country and not get caught sooner. Their relationship with large banks and other organizations/institutions is unbelievable too, so much that they managed to amass hundreds of millions of dollars through illegal activity without hitting any red flags. That's why I always look up to the North Koreans as extremely cunning and dangerous even though their country is deprived of anything to the outside world. Good thing their moves are snooped by the authorities even though they initially used bitcoin to cover tracks first. I just wonder what certain cryptocurrency ezchange are they talking about anyway?


For the right price, cartels/criminals would be happy to help them with anything. Plus with Trump imposing more sanctions in the Mid-East, Iran might be happy to do research and development on Nuclear weapons for NoKor. For the right price.
sr. member
Activity: 1498
Merit: 326
Vave.com - Crypto Casino
I still find it amazing how NoKor keeps on pulling the strings to make their moves outside their country and not get caught sooner. Their relationship with large banks and other organizations/institutions is unbelievable too
Instead of "amazing" I would use the word terrifying. Imagine how this country has huge wide of connection with this big transactions. I wonder should those affiliated with them must be investigated more as more partners or collaboration medium to big enterprise could be connected too. Scary how they operate and penetrated the cryptoindustry with massive funds at stake. Crypto is indeed being used by other countries for these kind of scheme. Im not shocked why US is strict when it comes to cryptocurrency.
sr. member
Activity: 994
Merit: 257
Best Bitcoin Casino www.coinsaga.com
It is a great news at least the government are still able to arrest those hackers.
Is still a great sign that in the future there would be more crypto hackers that would be arrested?
But any way good job for them on finding those two and maybe soon they would also find out the other members of this group.
legendary
Activity: 3080
Merit: 1353
I still find it amazing how NoKor keeps on pulling the strings to make their moves outside their country and not get caught sooner. Their relationship with large banks and other organizations/institutions is unbelievable too, so much that they managed to amass hundreds of millions of dollars through illegal activity without hitting any red flags. That's why I always look up to the North Koreans as extremely cunning and dangerous even though their country is deprived of anything to the outside world. Good thing their moves are snooped by the authorities even though they initially used bitcoin to cover tracks first. I just wonder what certain cryptocurrency ezchange are they talking about anyway?

And that is why up to this day, North Korea has survived from the massive trade embargo from the West, they are so resilient, and we could say self sufficient and saw crypto as a way to circumvent whether arms or trade sanctions.

It didn't mentioned the exchange, but I will assume that it is a South Korean exchange, which they frequently targeted.

Edit: Hacked Exchanges since 2011.

legendary
Activity: 3542
Merit: 1352
Cashback 15%
I still find it amazing how NoKor keeps on pulling the strings to make their moves outside their country and not get caught sooner. Their relationship with large banks and other organizations/institutions is unbelievable too, so much that they managed to amass hundreds of millions of dollars through illegal activity without hitting any red flags. That's why I always look up to the North Koreans as extremely cunning and dangerous even though their country is deprived of anything to the outside world. Good thing their moves are snooped by the authorities even though they initially used bitcoin to cover tracks first. I just wonder what certain cryptocurrency ezchange are they talking about anyway?
legendary
Activity: 2576
Merit: 1655
Two Chinese nationals who help North Korean hackers to launder $100 million out of the $250 million stolen from an exchange, using prepaid iTunes gift cards and other methods.

Quote
Two Chinese Nationals Charged with Laundering Over $100 Million in Cryptocurrency from Exchange Hack
Forfeiture Complaint Details Over $250 Million Stolen by North Korean Actors
          WASHINGTON – Two Chinese nationals were charged with laundering over $100 million worth of cryptocurrency from a hack of a cryptocurrency exchange.  The funds were stolen by North Korean actors in 2018, as detailed in the civil forfeiture complaint also unsealed today.

          In the two-count indictment unsealed today in the District of Columbia, 田寅寅 aka Tian Yinyin, and 李家东aka Li Jiadong, were charged with money laundering conspiracy and operating an unlicensed money transmitting business.

          “The hacking of virtual currency exchanges and related money laundering for the benefit of North Korean actors poses a grave threat to the security and integrity of the global financial system,” said U.S. Attorney Timothy J. Shea of the District of Columbia.  “These charges should serve as a reminder that law enforcement, through its partnerships and collaboration, will uncover illegal activity here and abroad, and charge those responsible for unlawful acts and seize illicit funds even when in the form of virtual currency.”]

https://www.justice.gov/usao-dc/pr/two-chinese-nationals-charged-laundering-over-100-million-cryptocurrency-exchange-hack



In relation to that,  US Department of Treasury added 20 known BTC address of the two

The following individuals have been added to OFAC's SDN List:

Quote

LI, Jiadong (Chinese Simplified: 李家东) (a.k.a. "blackjack1987"; a.k.a. "khaleesi"), Anshan, Liaoning, China (Chinese Simplified: 鞍山, 辽宁, China); DOB 10 Jan 1987; nationality China; Gender Male; Digital Currency Address - XBT 1EfMVkxQQuZfBdocpJu6RUsCJvenQWbQyE; alt. Digital Currency Address - XBT 17UVSMegvrzfobKC82dHXpZLtLcqzW9stF; alt. Digital Currency Address - XBT 39eboeqYNFe2VoLC3mUGx4dh6GNhLB3D2q; alt. Digital Currency Address - XBT 39fhoB2DohisGBbHvvfmkdPdShT75CNHdX; alt. Digital Currency Address - XBT 3E6rY4dSCDW6y2bzJNwrjvTtdmMQjB6yeh; alt. Digital Currency Address - XBT 3EeR8FbcPbkcGj77D6ttneJxmsr3Nu7KGV; alt. Digital Currency Address - XBT 3HQRveQzPifZorZLDXHernc5zjoZax8U9f; alt. Digital Currency Address - XBT 3JXKQ81JzBqVbB8VHdV9Jtd7auWokkdPgY; alt. Digital Currency Address - XBT 3KHfXU24Bt3YD5Ef4J7uNp2buCuhrxfGen; alt. Digital Currency Address - XBT 3LbDu1rUXHNyiz4i8eb3KwkSSBMf7C583D; alt. Digital Currency Address - XBT 3MN8nYo1tt5hLxMwMbxDkXWd7Xu522hb9P; alt. Digital Currency Address - XBT 3N6WeZ6i34taX8Ditser6LKWBcXmt2XXL4; Secondary sanctions risk: North Korea Sanctions Regulations, sections 510.201 and 510.210; Phone Number 8613314257947; alt. Phone Number 8618004121000; Identification Number 210302198701102136 (China) (individual) [DPRK3] [CYBER2] (Linked To: LAZARUS GROUP).
 
TIAN, Yinyin (Chinese Simplified: 田寅寅) (a.k.a. "snowsjohn"; a.k.a. "tianyinyin0404"), Nanjing, Jiangsu, China (Chinese Simplified: 南京, 江苏, China); DOB 12 Jul 1986; nationality China; Email Address [email protected]; Gender Male; Digital Currency Address - XBT 134r8iHv69xdT6p5qVKTsHrcUEuBVZAYak; alt. Digital Currency Address - XBT 15YK647qtoZQDzNrvY6HJL6QwXduLHfT28; alt. Digital Currency Address - XBT 1PfwHNxUnkpfkK9MKjMqzR3Xq3KCtq9u17; alt. Digital Currency Address - XBT 14kqryJUxM3a7aEi117KX9hoLUw592WsMR; alt. Digital Currency Address - XBT 1F2Gdug9ib9NQMhKMGGJczzMk5SuENoqrp; alt. Digital Currency Address - XBT 3F2sZ4jbhvDKQdGbHYPC6ZxFXEau2m5Lqj; alt. Digital Currency Address - XBT 1AXUTu9y3H8w4wYx4BjyFWgRhZKDhmcMrn; alt. Digital Currency Address - XBT 1Hn9ErTCPRP6j5UDBeuXPGuq5RtRjFJxJQ; Secondary sanctions risk: North Korea Sanctions Regulations, sections 510.201 and 510.210; Phone Number 8613621583465; Identification Number 321284198607120616 (China) (individual) [DPRK3] [CYBER2] (Linked To: LAZARUS GROUP).
https://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/Pages/20200302.aspx
Pages:
Jump to: