US Charges North Korean for WannaCry, Sony Picture Hacks

The The states has charged a North Korean developer for the WannaCry ransomware attack in 2022 and the Sony Pictures hack in 2022.

The programmer, 34-year-old Park Jin Hyok, allegedly works for a North Korean spy agency called the Reconnaissance Full general Bureau, the United states of america Justice Department said on Thursday.

Although the United states of america previously blamed N Korea for the both the WannaCry and Sony Pictures cyber attacks, this is the offset time federal investigators have publicly named a suspect in the crimes.

The Justice Department says Park and other unnamed co-conspirators were involved in a barrage of cyber attacks that too involved an $81 million heist on the Banking company of Bangladesh in 2022 and attempts to infiltrate companies such as Lockheed Martin.

The federal arrest warrant for Park was issued by the US in June, merely merely unsealed today. Park allegedly worked in Cathay from at to the lowest degree 2022 to 2022, merely returned to North Korea shortly before the hack on Sony Pictures in 2022.

Officials say Park at times traveled to neighboring China and conducted piece of work under a front company called Chosun Expo, a software and gambling products supplier. Ane of his goals was to generate revenue for the North Korean government, federal investigators claim.

To attack his targets, Park and his cohorts used phishing emails that were made to look similar official messages from Google or Facebook, but actually independent links to install malware. To breach Sony Pictures, they also created fake Facebook profiles that sent letters to company employees with links to nude photos of celebrities. To target banks, Park allegedly used "watering hole" attacks, which involved secretly taking over legitimate websites to spread malware.

However, federal investigators—who obtained 100 search warrants for i,000 e-mail and social media accounts involved in the hacks—uncovered a large network of different internet accounts the North Korean programmer allegedly used.

They found that Park used his real name in e-mail accounts for his front company, Chosun Expo. One such account, ttykim1018@gmail.com, has links to tty198410@gmail.com, which was used to target multiple victims including Sony Pictures and the Depository financial institution of Bangladesh, federal investigators claim.

"For example, a remote file-storage service associated with tty198410@gmail.com independent a 5.1 megabyte password-protected file titled '203- 8-24.rar,' and ttykim1018@gmail.com was the just other business relationship that had access to the password-protected file," the complaint against Park says. "Ttykim1018@gmail.com was also listed every bit one of merely 2 accounts in the contacts list of tty198410@gmail.com."

Us officials said they've had no talks with Democratic people's republic of korea over extraditing Park, merely plan on using US sanctions to both punish him and his front end company. Park has been charged with conspiracy to commit wire fraud and other reckoner-related fraud crimes.

Investigators too doubtable Park was working with a whole squad of hackers, but they've then far refrained from publicly charging them.

U.s.a. Sen. Mark Warner, a Virginia Democrat, called Thursday's action "an of import step in making clear to our adversaries that these kinds of criminal activities are unacceptable." Only he added, "it also points to the need for a clearly thought-out and articulated strategy for deterring and punishing country-sponsored cyberattacks."

Editor'due south note: This story was updated at 3 p.thou. ET with more details.

Source: https://sea.pcmag.com/news/29249/us-charges-north-korean-for-wannacry-sony-picture-hacks

Posted by: braggfleandepend1972.blogspot.com

Share this post