The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned two individuals and one entity involved in a network laundering millions of dollars in illicit funds for North Korea.
Lu Huaying and Zhang Jian, based in the United Arab Emirates (UAE), used a UAE-based front company to facilitate money laundering and cryptocurrency conversion, funneling the proceeds back to Pyongyang.
OFAC Imposes Sanctions
In its official press release on December 17th, the OFAC stated that North Korea continues to rely on agents and proxies to access the global financial system for illicit activities. The agency added these operations are part of the country’s broader efforts to destabilize international security, now extending to Europe with increasing military ties to Russia.
Sim Hyon Sop, a representative of the DPRK’s Korea Kwangson Banking Corp (KKBC) based in the People’s Republic of China (PRC), is said to be a key figure in these activities. Operating as an agent for North Korean financial institutions, Sim is accused of orchestrating money laundering schemes, establishing shell companies, and managing bank accounts to move illicit funds. The OFAC previously designated Sim and KKBC under Executive Order 13382, targeting entities that support WMD proliferation. Sim’s operations primarily involve digital assets to funnel money back to North Korea’s missile programs.
Since 2022, Huaying has been allegedly involved in laundering millions of dollars of illicit funds derived from DPRK activities by converting cryptocurrency into fiat currency. Between 2022 and September 2023, the accused used various methods, including money mules, to facilitate these transactions. Meanwhile, Jian also helped facilitate the exchange of fiat currency and acted as a courier for Sim.
OFAC is designating both Huaying and Zhang Jian, along with Green Alpine Trading, LLC, a UAE-based front company involved in the network, for their roles in supporting Sim’s illicit activities.
Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith stated,
“As the DPRK continues to use complex criminal schemes to fund its WMD and ballistic missile programs – including through the exploitation of digital assets – Treasury remains focused on disrupting the networks that facilitate this flow of funds to the regime. The United States, along with the UAE and our other partners, will continue to target the financial networks that enable the Kim regime’s destabilizing activities.”
North Korean Hackers Execute Wide-Ranging Crypto Heist
North Korea’s involvement in cybercrime has wreaked significant havoc in the crypto industry, as evidenced by a series of high-profile hacks and exploits. In August, ZachXBT reported that North Korean developers infiltrated over 25 crypto projects using fake identities, stealing $1.3 million through malicious code.
In October, reports emerged that North Korean hackers linked to Lazarus Group used a fake NFT game exploiting a Chrome zero-day flaw to steal wallet credentials. The game, promoted via social engineering tactics, included malware that harvested sensitive data. Despite a fix from Google, the attackers had already executed large-scale crypto thefts.
Then in November, South Korean police confirmed that North Korean hacking groups Lazarus and Andariel orchestrated the 2019 Upbit crypto heist, stealing $50 million worth of ETH. Collaboration with the FBI and Swiss prosecutors uncovered key evidence, including North Korean IP addresses and virtual asset flow patterns. The stolen funds were laundered through multiple platforms.
More recently, Radiant Capital confirmed that a $50 million hack on its DeFi platform in October 2024 was carried out by a North Korea-linked hacking group. The attackers used a Telegram-based malware scheme to exploit a developer, leading to the installation of a macOS backdoor.
Read the full article here