US authorities on Monday sanctioned two Chinese citizens and accused them of of laundering more than $100 million in cryptocurrency stolen in a 2018 cyberattack linked to North Korea.
Tian Yinyin and Li Jiadong are accused of working with Lazarus Group, sponsored by North Korea and blamed for the April 2018 hack of an unnamed cryptocurrency exchange in which about $250 million was stolen.
“The North Korean regime has continued its widespread campaign of extensive cyberattacks on financial institutions to steal funds,” Treasury Secretary Steven Mnuchin said in a statement.
“The United States will continue to protect the global financial system by holding accountable those who help North Korea engage in cyber crime.”
Tian and Li received about $91 million in cryptocurrency stolen by North Korea in the 2018 hack and an additional $9.5 million from another theft, the Treasury said.
It has frozen their property and assets on US territory and banned trade with them under the sanctions.
Tian allegedly laundered some of the money by selling Bitcoin for prepaid Apple iTunes gift cards.
The two were indicted Monday in US federal court charged with money laundering conspiracy and operating an unlicensed money transmitting business, the Department of Justice (DoJ) announced separately.
DoJ said it was filing a forfeiture complaint on 113 virtual currency accounts used by the defendants and others tied to their scheme, and had already seized some money.
“The hacking of virtual currency exchanges and related money laundering for the benefit of North Korean actors poses a grave threat to the security and integrity of the global financial system,” said Timothy Shea, the federal prosecutor in Washington.
The North is under heavy US and United Nations sanctions over its nuclear program, and tries to bypass those sanctions by attacking the virtual currency system, said Don Fort, criminal investigation chief of the Internal Revenue Service.
Last September, Washington issued sanctions against three North Korean entities accused in cyberattacks, including the Lazarus Group, which was involved in the theft of around $80 million from the central bank of Bangladesh.
It was also accused of being behind the WannaCry attack in 2017 that affected approximately 300,000 computers worldwide including in the US, Canada and New Zealand.
The heaviest hit was Britain’s public health system, with hospitals virtually shut down and thousands of patients turned away, costing the government ultimately more than $112 million.
Created in 2007, Lazarus Group has been known to authorities for years, with the United Nations sanctioning it in 2016.