A South Korean cryptocurrency exchange employee has been sentenced to four years in prison for attempting to recruit a military officer to sell classified military secrets to North Korea in exchange for Bitcoin. The ruling was issued by the Supreme Court on December 28, and it also imposes a four-year ban on the employee from engaging in any financial sector activities.
Court documents revealed that the employee facilitated the recruitment of a 30-year-old army captain, who was paid $33,500 in Bitcoin as part of the scheme. The exchange staffer received a hefty payment of $487,000 in Bitcoin from North Korean hackers for this recruitment. Using Telegram, the staffer approached the officer with an offer of cryptocurrency in exchange for access to sensitive military information.
As part of the plot, the staffer sent a covert watch-shaped camera and a USB device intended for hacking, both under the instructions of North Korean hackers. These devices were designed to capture and transmit information from the Korean Joint Command and Control System, which serves as a platform for intelligence sharing between U.S. and South Korean forces. Fortunately, military police managed to intercept the devices before any breach occurred.
In his sentencing, the judge highlighted the gravity of the crime, stating, “The defendant must have been aware that he was attempting to uncover military secrets for a country hostile to South Korea. This crime could have endangered the entire country and was committed for personal financial gain.” The army captain, surnamed Kim, was also sentenced to ten years in prison and fined $35,000 for violating the Military Secrets Protection Act.
This incident occurs against the backdrop of ongoing concerns regarding North Korean cybercrime activities. On November 4, the U.S. Treasury Department sanctioned eight individuals and two entities linked to North Korea’s cyber operations, aimed specifically at curbing the flow of stolen cryptocurrency by North Korean hackers. In recent years, these cybercriminals have reportedly pilfered over $3 billion, primarily through tactics such as malware, ransomware, and social engineering attacks targeting financial institutions and crypto exchanges.
The sanctioned individuals included bankers who managed substantial amounts of cryptocurrency obtained through ransomware attacks, as well as organizations such as the Korea Mangyongdae Computer Technology Corp., known for managing North Korean IT operations overseas. Furthermore, the FBI issued a warning in September 2024 about North Korean hackers targeting U.S. cryptocurrency exchange-traded funds, employing sophisticated techniques to infiltrate companies involved in these financial products. The ongoing efforts highlight the persistent threat posed by North Korean cyber activities to both national and international security.
