Two Chinese nationals were indicted by the US Treasury Department and the Department of Justice on charge of helping North Korean hackers launder cryptocurrency stolen during hacks of two cryptocurrency exchanges.
According to US officials, Tian Yinyin and Li Jiadong acted as intermediaries for Lazarus Group, which is the state-sponsored hackers of the North Korea.
The Treasury and DOJ claimed that the hackers were helping North Korean international sanctions by raising money through cyber-thefts by using ransomware and hacking banks, ATM networks, gambling sites, online casinos, and cryptocurrency exchanges.
The cash stolen from these cyber-intrusions were taken to North Korea with the help of cryptocurrency, money mules, and Chinese banks.
The US Treasury and DOJ stated that Tian and Li would receive stolen funds and then they would launder the money either by converting it into Chinese currency (yuan) or into Apple gift cards that could be used without being linked back to the stolen cryptocurrency.
Tian and Li received funds from DPRK-controlled accounts on two separate occasions. The largest amount of money they received was a batch of $91 million obtained from a cryptocurrency exchange hack that took place in April 2018. They also received $9.5 million stolen from a second exchange.
They helped to convert more than $34 million of the $91 million they received back into Chinese yuan, which was then deposited into a Chinese bank account.
Besides, they also converted $1.4 million worth of Bitcoin into Apple gift cards.
The names of the two hacked exchanges were not revealed, but it was said that the first exchange lost $250 million in the attack, which makes it one of the biggest cryptocurrency hacks of all time.
As a result of this action taken by the authorities, all property and interests of these individuals that are in the United States or in the possession or control of U.S. persons must be blocked and reported to Office of Foreign Assets Control (OFAC).
The sanctions however do not apply to Chinese banks and so the North Korean hackers might continue to launder money through this route undisturbed.