Skip to main content

North Korea

Superhackers who couldn’t spell

North Korean hackers are thought to have stolen more than $2bn for Kim Jong-un’s missile development programmes. STR/AFP/Getty Images

In 2016 North Korea is said to have attempted the “most audacious cyber-heist in history” – a theft of $1bn from Bangladesh’s central bank. The seeds of this crime were sown 25 years earlier, when the country’s rogue communist regime went broke. To raise cash fast, then leader Kim Jong-il became the “Tony Soprano” of east Asia, say Geoff White and Jean Lee in The Lazarus Heist, a 10-part BBC podcast. He commanded subordinates to produce knock-off cigarettes, Viagra, weapons, cars, clothing, pharmaceuticals and crystal meth. They also forged $100 notes that even US experts struggled to detect. Crime paid, earning Kim billions.

The FBI finally unravelled what was going on. In 2005 dozens of North Koreans were lured to a fake wedding on a yacht near Atlantic City. When they set out for the ceremony, the limousine drivers instead drove them “straight into the arms of the FBI”. North Korea’s US crime wave ended abruptly.

But it was under way again when Kim Jong-un assumed power in 2011. The millennial heir knew where the big money was: cybercrime. His first coup came three years later, when North Korea’s so-called Lazarus Group hacked Sony Pictures in LA. Within days the world was reading Sony’s emails, in which staff criticised stars such as Angelina Jolie and the “difficult and demanding” Tom Cruise.

Emboldened, this “highly organised group of cybersoldiers” hacked into Bangladesh’s central bank in 2016, sending fake transfer requests worth $1bn in total to the Federal Reserve Bank of New York. Then an employee noticed a fictional Sri Lankan charity referring to itself as a “fandation”, rather than “foundation”. The misspelling alerted the bank – but not before the Lazarus Group had spirited $81m away. In 2019 the UN said North Korean hackers had stolen more than $2bn for the country’s missile development programmes.

Click here to hear the full story.