Nigerian Influencer Implicated in $1.3 Billion DPRK Cyber-Campaign

News

The United States has revealed that Nigerian social media influencer and purported fraudster Ramon “Hushpuppi” Abbas allegedly helped Pyongyang-backed hackers launder proceeds from an “unprecedented” global campaign of state-sanctioned cyberattacks.

February 23rd, 2021
Cybercrime Voting and Elections

Authorities in Dubai extradited Abbas, whose jet-setter lifestyle had earned him social media celebrity and many millions of online followers, to the U.S. last July, where he faces charges of laundering hundreds of millions of dollars in proceeds from email frauds and other scams.

At that time, prosecutors in the U.S. declined to identify those targeted by the alleged conspiracy of which Abbas was part, specifying only that the list included, among several others, an unnamed “foreign financial institution” that in 2019 fell victim to a massive cyber-heist.

But last week, while again declining to identify the exact institution, the United States Department of Justice revealed Abbas had allegedly laundered more than US$14 million from an attack by North Korean computer programmers against a Maltese bank.

The DoJ reported that another defendant in the case, Canadian national Ghaleb Alaumary, had already agreed to plead guilty to money laundering charges for his role in the international conspiracy.

News of Abbas’s purported ties to North Korean hackers comes as prosecutors announce charges against Jon Chang Hyok, Kim Il and Park Jin Hyok, who are accused of extorting and stealing more than $1.3 billion from companies and both public and private lenders across the globe.

The trio are believed to be agents of the RGB, North Korea’s shadowy and brutal military intelligence agency. They have also been previously known as the so-called Lazarus Group.

Described as “staggering” and “unprecedented” by prosecutors, their alleged state-backed hacking campaign encompassed a litany of heists against financial institutions in several countries around the world, as well as ATM schemes, ransomware attacks, cryptocurrency thefts and large-scale phishing scams.

At one point, the three men are alleged to have engaged in a “destructive cyberattack” against Sony Pictures Entertainment in retaliation for its release of the 2014 film The Interview, which featured the fictionalized assassination of North Korea’s supreme leader, Kim Jong Un.

Against the backdrop of crippling international sanctions against the notoriously opaque country, North Korea has in recent years been repeatedly accused of turning to cybercrime as a means of padding out its depleted state coffers.

In May 2020, the state reportedly recruited hundreds of hackers into its military intelligence agency. Those actors have since “targeted organizations for cryptocurrency theft in over 30 countries during the past year alone,” according  to an advisory by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

Acting U.S. Attorney General for the Central District of California, Tracy Wilkinson, said in a statement that the defendant’s actions revealed the sheer extent North Korea has been willing to go to in bypassing economic restrictions, imposed in response to widely reported allegations of rampant human rights abuses and clear evidence of nuclear proliferation.

“The scope of the criminal conduct by the North Korea hackers was extensive and long running, and the range of crimes they have committed is staggering,” she said.

“The conduct detailed in the indictment are the acts of a criminal nation-state that has stopped at nothing to extract revenge and obtain money to prop us its regime,” she added.