The US government has increased its reward for information on North Korean state-linked hackers to $10m.
The State Department’s Rewards for Justice scheme doubled a $5m offer published in March 2022, in a potential sign that its efforts have so far drawn a blank.
"If you have information on any individuals associated with North Korean government-linked malicious cyber groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky or Lazarus Group) and who are involved in targeting US critical infrastructure in violation of the Computer Fraud and Abuse Act, you may be eligible for a reward,” read a notice posted to Twitter.
The department is offering a Tor-based tip line so that potential informants can submit information whilst protecting their identity and location.
Last year, the US Department of Justice unsealed a federal incitement of several suspected members of the infamous Lazarus Group (APT38), said to be linked to military intelligence agency the Reconnaissance General Bureau (RGB).
However, North Korea is a notoriously secretive and globally isolated state, making traditional intelligence-gathering efforts challenging.
The hermit nation is unusual in that state actors not only seek to disrupt geopolitical rivals but also generate revenue for the Kim Jong-un regime.
State-backed hackers were recently linked to the world’s biggest ever crypto-heist when $618m was stolen from Vietnamese developer Sky Mavis and its Ronin Network. They were also blamed for the theft of $281m from Singapore-headquartered cryptocurrency exchange KuCoin in 2020.
A 2019 report from the UN claimed that Pyongyang had amassed as much as $2bn from targeting banks and cryptocurrency exchanges over preceding years, including an audacious $81m theft from Bangladesh Bank.
The North Korean state is the only one to be called out by name on the Rewards for Justice site, which otherwise explains the purpose of the program is to generate useful information “that protects Americans and furthers US national security.”
It says rewards are also offered for info on “the financial mechanisms of individuals engaged in certain activities to support the North Korean regime.”