An employee from a South Korean cryptocurrency exchange was sentenced to four years in prison for trying to recruit a military officer to sell classified information to North Korea in return for Bitcoin, as ruled by the Supreme Court on December 28.
The ruling also includes a four-year prohibition on the employee from engaging in financial sector activities.
Court documents indicated that North Korean hackers paid the exchange employee $487,000 in Bitcoin to recruit a 30-year-old army captain, who received $33,500 in Bitcoin in exchange, according to South Korean media outlet Dailian.
The employee made contact with the officer via a Telegram chat, offering cryptocurrency for access to sensitive military information.
The employee sent a watch-shaped hidden camera and a USB “hacking device” to the captain as instructed by the hackers. These devices were supposed to capture and transmit data from the Korean Joint Command and Control System, a platform utilized for intelligence sharing between the U.S. and South Korea.
Military police intercepted the devices before any breach could happen.
“The defendant must have known he was attempting to expose military secrets to a country hostile to South Korea,” the judge stated. “This crime could have jeopardized the entire nation and was carried out for personal financial gain.”
The captain, identified by the surname Kim, was sentenced to 10 years in prison and fined $35,000 for violating the Military Secrets Protection Act.
DLNews reporting contributed to this article.
North Korea’s cryptocurrency activities
The U.S. Treasury Department, on November 4, sanctioned eight individuals and two entities associated with North Korea’s cybercriminal endeavors, focusing on the flow of cryptocurrency looted by DPRK hackers.
In the last three years, cybercriminals affiliated with North Korea have stolen over $3 billion, mainly in digital currencies, utilizing malware, ransomware, and social engineering to attack banks, exchanges, and other platforms.
The Treasury stated that the stolen funds support Pyongyang’s nuclear weapon and missile programs.
Among those sanctioned were bankers Jang Kuk Chol and Ho Jong Son, who oversaw over $5.3 million in cryptocurrency linked to ransomware attacks and DPRK IT employees abroad. The Korea Mangyongdae Computer Technology Corp., which operates overseas IT delegations, and its president U Yong Su, were also targeted, along with Ryujong Credit Bank in Pyongyang and five DPRK banking representatives in China and Russia for laundering millions in global currencies.
In September 2024, the FBI issued a warning that North Korean hackers were focusing on U.S. cryptocurrency exchange-traded funds (ETFs) to steal digital assets.
According to the agency, the attackers are using sophisticated social engineering techniques to breach companies related to these financial products.
