The US State Department has announced that it will inflate rewards paid for tip-offs about North Korean state-backed cyber threat group members this week.
The reward has doubled to $10 million since March this year, when the State Department announced rewards of up to $5 million for information on DPRK cyber threat actors that support the North Korean regime's illicit activities by targeting crypto exchanges and financial institutions. According to a DPRK cyber threat advisory released earlier this year, the State Department outlined that it would reward any tips on North Korean hackers' cyber activity, offering up to $5 million for tip-offs which will lead to individuals' identification, location or disruption of DPRK-related, illicit activities.
"If you have information on any individuals associated with the North Korean government-linked malicious cyber groups (such as Andariel, APT38, BlueNoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who are involved in targeting US critical infrastructure in violation of the Computer Fraud and Abuse Act, you may be eligible for a reward," the Department stated.
REWARD! Up to $10M 💰for information on DPRK-linked malicious #cyber activity & #cyberthreat actors.— Rewards for Justice (@RFJ_USA) July 26, 2022
Got a tip on the Lazarus Group, Kimsuky, Bluenoroff, Andariel, or others? Send it to RFJ via our TOR-based tip line. https://t.co/oZCKNHU3fY pic.twitter.com/ONKHXwWiV1
Multiple North Korean hacking groups have been linked to espionage and cyber-theft campaigns targeting financial institutions and digital currency exchanges in the past.
Recently, the FBI linked two North Korean hacking groups, Lazarus and BlueNoroff (APT38), to the $620 million Ethereum theft from Axie Infinity's Ronin network bridge.
In February 2021, a trio of Lazarus Group members were charged in the US for stealing $1.3 billion from cyber attacks that targeted banks, the entertainment industry, cryptocurrency companies, and other organisations globally.
The US Treasury Department sanctioned three North Korean hacking groups (Lazarus Group, BlueNoroff, and Andariel) in 2019 for sending stolen financial assets to the North Korean government.
Previously, the US government outlined that the various tactics used by Pyongyang-linked hackers to illicitly raise revenue include cyber-enabled financial theft and money laundering, crypto-jacking campaigns, and extortion operations.
"They develop and deploy a wide range of malware tools around the world to enable these activities and have grown increasingly sophisticated," the State Department said.