North Korean hacker charged with Sony, WannaCry attacks
The United States has charged a North Korean computer programmer with some of the most dramatic global hacking cases of recent years, alleging they were carried out on behalf of the regime in Pyongyang.
Park Jin-hyok, who is believed to be in North Korea, was allegedly involved in the 2014 Sony Pictures attack, the 2016 cyber-heist of Bangladesh's central bank, and the 2017 WannaCry 2.0 virus that affected more than 300,000 computers in 150 countries.
"OFAC (Office of Foreign Assets Control) designated the North Korean computer programmer Park Jin Hyok for having engaged in significant activities undermining cyber security through the use of computer networks or systems against targets outside of North Korea on behalf to the Government of North Korea or the Workers' Party of Korea," an official statement by the US Treasury Department said.
According to the 176-page indictment, Park worked for Chosun Expo Joint Venture, a company tied to a North Korean military intelligence unit called Lab 110.
Park is believed to be part of a unit known as the "Lazarus Group", which the US alleges is also tied to other spear-phishing campaigns, malware attacks, and the attempted theft of documents and money from banks in Southeast Asia and Africa.
The North Korean hacker has been charged with one count of conspiracy to commit computer fraud, and another count of conspiracy to commit wire fraud.
The computer fraud charge carries a maximum of five years in prison, while the wire fraud would mean up to 20 years.
It is unlikely Park will be extradited since the US has no formal relations with North Korea.