U.S. offers $5 million for info on North Korean cyber operators
Image: US Department of State
Martin Matishak April 15, 2022

U.S. offers $5 million for info on North Korean cyber operators

U.S. offers $5 million for info on North Korean cyber operators

The State Department announced Friday that it is offering a reward of up to $5 million for information about North Korean digital operations that help keep the regime afloat and fund its weapons programs.

The department’s Rewards for Justice program will issue the money for “information on those who seek to undermine cybersecurity, including financial institutions and cryptocurrency exchanges around the world” for Pyongyang’s benefit.

Foggy Bottom will also pay up for details about anyone who “knowingly engages in significant activities undermining cybersecurity through the use of computer networks or systems against foreign persons, governments, or other entities” on behalf of North Korean leader Kim Jong Un’s government, the department said.

The money offer comes the day after the FBI blamed the North Korean state-backed hacking group Lazarus for a hack of the popular DeFi platform Ronin Network that netted hundreds of millions of dollars worth of Ethereum — a technology platform associated with a kind of cryptocurrency — making it one the biggest cryptocurrency heists ever.

“Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29th,” the bureau said in a statement, using an acronym for North Korea’s official state name, the Democratic People’s Republic of Korea.

The Treasury Department also unveiled new sanctions against Lazarus, which has long been a top perpetrator of cyber heists that generate revenue for Pyongyang.

The group, which is believed to be backed by the North Korean regime, has been accused of carrying out several high-profile cyberattacks over the years, including the 2014 hack on Sony Pictures and the 2017 WannaCry ransomware attacks.

The U.S. government first offered $5 million for information on the notorious group in 2020.

“The DPRK’s malicious cyber activities threaten the United States and the broader international community and, in particular, pose a significant threat to the integrity and stability of the international financial system,” agencies warned at the time.

Offering rewards for information on malicious online actors is just one of a host of strategies the federal government has employed to get ahead of cyber criminals in recent years.

In February, the State Department offered a $10 million reward for information on two Iranian hackers who allegedly participated in state-sponsored cyber operations designed to interfere with the 2020 U.S. presidential election.

Last July, the Rewards for Justice program offered up the same dollar amount for information to help identify or locate anyone engaged in foreign state-sanctioned malicious cyber activities, including ransomware operations, against U.S. critical infrastructure after the U.S. public and private sectors were hit by various ransomware campaigns.

Martin is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.