The U.S. Department of Justice charged three North Korean computer programmers on February 17, 2021 with participating in a conspiracy to conduct cyberattacks in an effort to steal and extort over $1.3 billion in cryptocurrency and fiat. The wide-ranging indictment reveals efforts by members of North Korea’s Reconnaissance General Bureau to engage in cyberattacks against the entertainment industry, banks, and other financial institutions, including those in the cryptocurrency industry.
Efforts to steal cryptocurrencies from exchanges via cyberattacks are not a new phenomenon (see Mt. Gox), particularly for those acting on behalf of sanctioned countries, such as North Korea. One particular, and possibly unprecedented, scheme in this particular indictment relates to the Marine Chain Token and Initial Coin Offering.
Notably, the DOJ has alleged that the North Korean defendants developed and marketed in 2017 and 2018 the Marine Chain Token, which allowed investors to purchase fractional ownership interests in marine shipping vessels (such as cargo ships), supported by a blockchain. In marketing and promoting the ICO, the defendants obfuscated the fact that the ICO was for North Korean interests, and in practice, an effort to evade economic sanctions.
Even more striking: the defendants attempted to receive approval from Hong Kong’s Securities and Futures Commission to trade the Marine Chain Token as a security.
Sanctioned countries and other related actors have targeted cryptocurrency exchanges and other businesses via cyberattacks in an effort to extort and steal assets. That is not new. What is unprecedented is the effort by sanctioned countries and actors to raise funds using an ICO, and specifically, to seek regulatory approval for that ICO. This case demonstrates the risks inherent in certain fundraising efforts, including ICOs, and could lead investors to take additional steps when assessing whether to participate, including greater diligence of the sponsors.