North employs hackers to earn foreign money

Pyongyang employs hackers to earn foreign currency, prosecutors here confirmed Sunday, adding that three South Korean individuals were indicted for collaboration with North Korean hackers and spy agents, which included exchange of personal data of millions of individuals and receiving malignant programs.

The Seoul Central District Prosecutors’ Office stated Sunday that a 28-year-old hacker surnamed Choi was charged and indicted for violating the National Security Law which bans communication with and sending financial aid to North Korea.

Two accomplices, his 29-year-old brother and 34-year-old Kim, were indicted without physical detention.

The three South Korean programmers, said prosecutors, worked with North Korean hackers, brokers and spy agents based in China to run illegal Web sites, agreeing to return a fifth of the proceeds to the North’s hacking group.

They also obtained and exchanged the personal information of 140 million South Korean online profiles.

Choi also received malignant codes and programs from North Korean hackers and was involved in distributing spam for gambling and porn sites.

Since 2006, Choi allegedly had regular communication with a North Korean hacker known by his surname Han based in China, who worked for a software company, Rungnado Information Center, run by the North Korean Workers’ Party.

The company was disguised as a legitimate firm but in actuality employs hackers like Han and was reportedly traced to be the main culprit behind the hacking of the servers of Nexon, a top South Korean gaming company, in 2011, leading to over 13 million gamers’ data being leaked.

Choi told prosecutors that between 2006 and 2012, through his various activities and hacker Han, he obtained the personal information including names, addresses and resident registration numbers and passwords of 140 million South Korean profiles.

Around 2009, Choi received from Han a distributed denial of service (DDoS) program which has the same codes as the one North Korea used in its July 2009 cyberattack against portal sites of government agencies in Seoul and Washington.

Choi and his accomplices used the malignant code received from Han to attack corporations’ Web sites and steal personal information from subscribers.

They sent them mass spam mail advertising gambling and pornographic Web sites.

Choi also received between May and July 2011 two laptops and a USB drive from a North Korean secret agent known by his surname Lee to “use for hacking.” This included a gambling simulation program.

He also created a program which enables gamers to play on auto-pilot mode, based on the hacked data of gamers, and sold it in China for 45 million won($39,451).

For five months from August 2011, he founded and operated an illegal gift exchange Web site through a home trading system program coded by North Korean hackers through which he earned 1.3 billion won.

“There are many North Korean hackers in China who are disguised as regular programmers but are actually involved in obtaining foreign currency,” the prosecutors’ office stated.

By Lee Ga-young, Shim Sae-rom [sarahkim@joongang.co.kr]