The U.S. Department of the Treasury has sanctioned North Korean cyber actor Song Kum Hyok, associated with the Lazarus group’s sub-cluster Andariel, for facilitating IT worker schemes that fund Pyongyang’s weapons programs. The scheme involved stealing U.S. citizen identities and deploying malware across U.S. companies, with significant sanctions imposed on related entities. #Andariel #LazarusGroup
Keypoints
- Song Kum Hyok is linked to North Korea’s hacking group Andariel, a Lazarus subgroup.
- He facilitated fake U.S. identities for DPRK nationals seeking remote employment.
- The scheme generated revenue for North Korea’s weapons and missile programs.
- Sanctions include asset freezes, transaction bans, and restrictions on U.S. payment platforms.
- U.S. authorities recently conducted operations against North Korean IT worker schemes, including arrests and seizures.