South Korea Blacklists North Korean Individuals Linked to $1.3B Crypto Theft
North Korea remains under global scrutiny due to its actions and weapons development. On December 26, South Korea blacklisted several individuals: Park Heung-ryong, Yoon Jeong-sik, Ri Il-jin, and Kim Gyeong-il.
An official statement indicated these individuals are members of the 313th General Bureau, a unit within North Korea's Workers' Party associated with the Lazarus Group. They will be added to South Korea's sanctions list starting December 30.
North Korean Cyber Activities and Crypto Theft
The 313th Bureau deploys numerous IT personnel abroad, including in China, Russia, Southeast Asia, and Africa. These operatives pose as employees of regime-linked organizations while securing work from international IT companies.
This group utilizes hacking techniques, phishing scams, and malware attacks to compromise crypto wallets and exchanges. South Korean authorities report that the 313th Bureau was involved in the $1.3 billion worth of digital assets stolen by North Korean hackers this year, according to Chainalysis.
This amount accounts for 61% of total digital assets stolen globally over the past 24 years, marking it as the largest theft on record. The stolen funds have reportedly supported North Korea's weapons development, including nuclear missiles, raising tensions on the Korean Peninsula.
South Korea's government stated that addressing these illicit activities is crucial for limiting Pyongyang's military capabilities.
Uncovering the Undercover Agents
Among the sanctioned individuals, Kim Cheol-min worked as an undercover agent at US and Canadian companies, earning significant foreign currency to support North Korea's weapon developments.
Kim Cheol-min sent his earnings to Pyongyang, while Kim Ryu-seong faced indictment in the United States for violating US sanctions over several years.
A Joint Effort to Prevent Future Crypto Theft
The South Korean government collaborated with international entities to dismantle North Korea's illegal cyber operations. Recently, South Korea and the United States formed a strategic partnership to develop technologies aimed at preventing crypto theft linked to North Korea.
Reports indicate that South Korea's science ministry will support this initiative until 2026. Researchers from Korea University and RAND Corp. will collaborate on tracking stolen cryptocurrency, preventing cyberattacks, and investigating how criminals launder illicit funds through methods such as ransomware.