• North Korean Crypto Hacking Scheme Lands US-Canadian Citizen in 11 Years Prison

  • A Canadian-American citizen who used wire transfers and cryptocurrency exchanges to launder funds for North Korean military hackers was sentenced to 11 years in prison and ordered to pay $30 million in restitution by a federal court in the United States.

    In early 2020, the Department of Justice charged three North Korean military intelligence officers with attempting to steal over $1.3 billion through a series of extortion plots and cyberattacks, including over $100 million in cryptocurrency thefts and a cyberattack on Sony Pictures in retaliation for its production of “The Interview,” a farcical take on the isolated nation.

    Ghaleb Alaumary, an Ontario resident, pled guilty in 2020 to conspiring to launder money for North Koreans in 2018. He recruited others to launder illicit funds received from BankIslami as the point-person for the group’s ATM cash-out schemes, in which the hackers bypassed fraud prevention mechanisms to change balances and increase withdrawal limits. They robbed a Pakistani commercial bank of $6.1 million.

    Alaumary had more than just the Democratic People’s Republic of Korea as a client (DPRK). He also pled guilty to fraud for sending emails purporting to be from a construction company seeking payment from a Canadian university; the university paid him $9.4 million. Among the other victims are Asian banks and a British soccer club.

    “Once the ill-gotten funds were in accounts he controlled, Alaumary further laundered the funds through wire transfers, cash withdrawals, and by exchanging the funds for cryptocurrency,” according to a press release issued by the Department of Justice yesterday.

    “This defendant was an integral conduit in a network of cybercriminals who siphoned tens of millions of dollars from multiple entities and institutions around the world,” said Acting United States Attorney David H. Estes of the Southern District of Georgia. “He laundered money for a rogue nation and some of the world’s worst cybercriminals, and he oversaw a team of co-conspirators who helped line thieves’ pockets and digital wallets.”

    The North Korean defendants are still at large and likely free of the United States’ grasp, as the two countries do not have an extradition treaty, despite the fact that the United States successfully extradited a North Korean national based in Malaysia in 2021, a first.

    North Korea, a hermit Communist country with little in the way of an economy, has relied on criminal hacking by the military to keep the lights on. A May New Yorker profile cited Chainalysis’ Jesse Spiro’s estimate that DPRK hackers stole a total of $1.75 billion in cryptocurrency from exchanges—a tenth of the country’s defense budget.

    What's your reaction?