The US imposes sanctions on the hacker group ``Kimsky'' following the launch of a North Korean military satellite.



On November 30, 2023, the U.S. government, together with Japan, South Korea, and Australia, announced that it had added the North Korean government-backed hacker group '

Kimsky ' and eight operatives to the list of sanctions. . The measures were taken in direct response to North Korea's claim that it launched a military reconnaissance satellite on November 21st.

North Korea Designations; Non-Proliferation Designation | Office of Foreign Assets Control
https://ofac.treasury.gov/recent-actions/20231130_33

Treasury Targets DPRK's International Agents and Illicit Cyber Intrusion Group | US Department of the Treasury
https://home.treasury.gov/news/press-releases/jy1938

US, partners sanction North Korea over satellite launch | Western Advocate | Bathurst, NSW
https://www.westernadvocate.com.au/story/8443821/us-partners-sanction-north-korea-over-satellite-launch/

US govt sanctions North Korea's Kimsuky hacking group
https://www.bleepingcomputer.com/news/security/us-govt-sanctions-north-koreas-kimsuky-hacking-group/

'Kimsky', which the US Treasury Department's Office of Foreign Assets Control (OFAC) added to the list of persons subject to economic sanctions, the so-called SDN list , is a subordinate organization of the Korean People's Army Reconnaissance General Bureau (RGB), and is known as 'APT43' and 'TA406'. ”, “Velvet Chorinma”, “Black Banshee”, and “Emerald Threet” are also known as the hacker group.

Kimsky, which was captured in 2010 as an RGB-affiliated organization, initially targeted South Korean government agencies, think tanks, and experts, but later expanded to include Japan, the United States, Russia, Europe, and the United Nations. Major illegal activities to date include the hacking of a South Korean nuclear power company in 2014, the 2018 STOLEN PENCIL operation that hacked an academic institution, and the 2019 attack on South Korean government and defense-related organizations. The malware attack 'Kabar Cobra' in 2017 and the 'Smoke Screen' campaign targeting American companies in the same year have been confirmed.



'Today's action is in response to the launch of a military reconnaissance satellite claimed by the Democratic People's Republic of Korea on November 21,' the Ministry of Finance said in a statement.

Brian E. Nelson, the Treasury Department's Under Secretary for Terrorism and Financial Intelligence, said, ``Today's actions by the United States, Australia, Japan, and South Korea demonstrate our commitment to countering North Korea's illegal and disruptive activities.'' It reflects our collective resolve. North Korea's use of overseas workers, money laundering, cyber espionage, and illicit financing continues to threaten international security and regional allies. We remain focused on monitoring these important targets of illicit revenue generation and arms proliferation in the DPRK.'

Since launching the satellite on the 21st, North Korea has announced that Kim Jong Un has viewed spy satellite photos of the White House, the Pentagon, and an aircraft carrier at the Norfolk Naval Base in the United States. North Korean state media also reported that the satellite photographed cities and military bases in Washington, South Korea, Guam and Italy.


by Prachatai

OFAC also added eight North Korean operatives to the SDN list for facilitating sanctions evasion and supporting the country's weapons of mass destruction program. Among them are three representatives of bases in Iran and China of Green Pine, a company responsible for the majority of North Korea's exports of arms and related materials, and representatives of bases of North Korean financial institutions in Russia and China. The group includes three individuals and two representatives of front companies that illegally obtain funds through the export of North Korean workers.

The North Korean mission to the United Nations in New York did not respond to media requests for comment on the sanctions.

in Security, Posted by log1l_ks