On Thursday, the Department of Justice took the unprecedented step of charging a hacker allegedly working for the North Korean state. This programmer, called Park Jin Hyok, worked on the powerful WannaCry ransomware, was involved in the digital heist of tens of millions of dollars from a Bangladeshi bank in 2016, and the hack of Sony Pictures in 2014, according to the DOJ.

The move is the latest charge from the United States against a hacker working for a nation state, but the first time it has charged someone hacking for North Korea specifically. The charges come just after North Korean leader Kim Jong Un said he has “unwavering trust” in reigniting denuclearization talks with President Trump.

A senior DOJ official said on a conference call with reporters that Hyok worked in China for a front company called Korean Expo Joint Venture. This company is tasked with generating revenue for North Korean military intelligence, the official said.

Caption: The FBI's wanted poster of Hyok. Image: DOJ.

Hyok is charged with extortion, wire fraud, and various hacking crimes, the official said. The hacker also allegedly targeted Lockheed Martin. As well as those historical crimes, the complaint alleges hacking throughout 2018, the official said. Sanctions will be announced against the programmer and the front company they worked for, the DOJ said.

Read More...

Related Articles:

Lawyers for a hacker who stopped the WannaCry ransomware that paralyzed computers around the world and almost brought the NHS to its knees, says he was coerced into confessing to spreading malware, being tired and intoxicated.

Marcus Hutchins is the 23 year old security researcher behind the @MalwareTechBlog Twitter account; he's the guy who figured out that the Wannacry worm had an accidental killswitch built in and then triggered it, stopping the ransomware epidemic in its tracks. According to a US Marshals spokesman, Hutchins was arrested by the FBI shortly after the Defcon/Blackhat conference in Las Vegas, though no one has disclosed the charge. His friends cannot locate him.

"It's like WannaCry all over again," said Mikko Hypponen, chief research officer with Helsinki's cybersecurity firm F-Secure, when discussing today's latest outbreak of the WannaCry-like ransomeware attack, which as we reported earlier started in Ukraine, and has since spread to corporate systems across the world, affecting Russian state oil giant Rosneft, the international shipping and energy conglomerate Maersk, and the UK public relations company WPP, before jumping across the Atlantic and going global, by infecting the US-based division of global pharma giant Merck, which this morning confirmed it has been hit by the "Petya" attack.

The Times also cites officials, researchers, and security experts at Symantec to make the case. Symantec says the latest attack was similar to the Sony Pictures Entertainment attack. Kaspersky Lab also says the North Koreans are responsible.

A highly virulent new strain of self-replicating ransomware is shutting down computers all over the world, in part by appropriating a National Security Agency exploit that was publicly released last month by the mysterious group calling itself Shadow Brokers.