U.S. Sanctions North Korean Bankers Over Crypto Laundering Tied to Cyberattacks

Core Points - The U.S. Treasury has imposed new sanctions on North Korean bankers and institutions involved in laundering cryptocurrency linked to cyberattacks and illicit IT work schemes that fund weapons programs [1][6] - North Korean state-sponsored hackers have reportedly stolen over $2 billion in cryptocurrency in 2025, indicating the regime's increasing dependence on digital assets [2] - The sanctioned network utilized cryptocurrency transactions and shell companies to obscure the flow of illicit funds, with specific individuals managing significant amounts tied to ransomware activities [4][5] Group 1: Sanctions and Targets - Eight individuals and two entities were designated for laundering funds derived from cybercrime, including proceeds from ransomware and crypto thefts [1] - The Treasury targeted specific individuals, including Jang Kuk Chol and Ho Jong Son, who managed at least $5.3 million in cryptocurrency linked to First Credit Bank [4] - The sanctions also extend to Korea Mangyongdae Computer Technology Company (KMCTC), which allegedly used Chinese nationals as banking proxies to disguise the origins of funds earned by DPRK IT workers abroad [5] Group 2: Cyber Activities and Techniques - North Korean hackers employ advanced malware, phishing campaigns, and social engineering to infiltrate crypto firms and exchanges [3] - A recent investigation revealed that these hackers are increasingly using AI to automate and scale their cyberattacks [3] - Ryujong Credit Bank was also sanctioned for facilitating international transfers for North Korean entities involved in sanctions evasion and crypto laundering [6]