FBI Adds North Koreans to Cyber’s Most Wanted List

Entrance of FBI, Federal Bureau of Investigation Headquarters in Washington DC

In 2021, the FBI has added two North Koreans to its list of Cyber’s Most Wanted. This brings the number of cybercriminals wanted by the FBI to more than 100 individuals. The vast majority of these individuals are Chinese, Russian or Iranian. Cybercrimes range from hacking and online fraud to state-sponsored cyber-theft.

The FBI’s Cyber’s Most Wanted List

Most people have heard of the FBI’s Most Wanted Fugitives List. In fact, this month marks the 71st anniversary of the list. The first “Top Ten List” was created on March 14, 1950. But as early as in 1919, the FBI started issuing identification orders. There are two criteria for adding someone to the list. First, the individual has to be considered “dangerous”. Second, publicity should help lead to the fugitive’s arrest. Not all criminals meet both criteria.

Historically, the FBI’s list reflects the most pressing concerns of the time, in terms of crimes. In the 1950s, for example, bank robbers, burglars and car thieves were prominent on the list. Organized crime groups and murderers, on the other hand, seemed to be more prevalent in the 1970s. While drug smugglers and serial killers became a priority in the 1980s. International criminal activity gained a larger footprint in the 1990s.

Since 2010, the FBI has been keeping a separate list for cybercriminals, known as “Cyber’s Most Wanted”. The first two cybercriminals on that list were Bjorn Daniel Sundin and his co-conspirator Shaileshkumar P. Jain. Both “internet entrepreneurs” allegedly sold more than a million copies of bogus software to unsuspecting victims in more than 60 countries. This resulted in a consumer loss of approximately $100 million.

Wide Range of Cybercrimes

The FBI’s Cyber’s Most Wanted list currently contains 102 entries. Looking at the different cases pursued by the FBI, the crimes vary greatly. Some individuals are wanted for installing malware on victim’s computers through phishing emails to eventually capture credentials and steal money from their accounts.

Others are suspected of computer fraud, racketeering, extortion, ransomware attacks, distributed denial of service (DDoS) attacks, or the creation of false social media profiles and spreading disinformation. On the other side of the spectrum are sophisticated international cybercrime operations, money laundering, trade secret theft, and economic espionage.

The cost of cybercrime is enormous and rapidly increasing. According to a report published earlier this year by Cybersecurity Ventures, the global cost of cybercrime is expected to reach $6 trillion in 2021. If measured as countries’ economies, that would make it the world’s third-largest economy, after China and the US.

Nationalities From all Around the World

According to the Centre for Strategic & International Studies (CSIS) hackers associated with China are one of the biggest cyber offenders. Simultaneously, the US is a top target for Chinese hackers. This is clearly reflected by the number of Chinese nationals on the FBI’s Cyber’s Most Wanted list. The majority are of Chinese origin, including several officers from China’s People’s Liberation Army.

Second come Russian nationals, followed by individuals with close ties to a range of other countries, like Ukraine, Romania, Nigeria, El Salvador, Vietnam, North Korea, Canada, the United Kingdom, Sweden, and Germany.

At the moment, there are no female offenders on the FBI’s Cyber’s Most Wanted list. One of the most well-known female hackers is Krisina Svechinskaya, a Russian hacker who was also a top NY University student. She specialized in the deployment of Zeus Trojan horses and worked as a hacker’s money mule.

2 North Koreans Added to the List

In February, the FBI announced charges against three North Korean government hackers. One of them, Park Jin Hyok, already featured on Cyber’s Most Wanted list since 2020. The FBI added two of his compatriots, Jon Chang Hyok and Kim Il, to the list earlier this year.

Federal prosecutors accuse the three young men, all born between 1981 and 1994, of participating in a wide range of cyberattacks and several bank heists. The men are believed to belong to the North Korean hacking group known as the Lazarus Group or APT38.

The Lazarus Group is linked to an attack on Hollywood film studio Sony Pictures in 2014. They are also accused of stealing over $1 billion from banks around the world. And for creating the ransomware known as WannaCry. WannaCry ransomware attacks disrupted the IT systems of the UK’s National Health Service and rapidly spread to other government institutions and companies worldwide.

Difficult to Apprehend

For some individuals, the FBI is willing to pay a substantial sum for any tip that may lead to their arrest and/or conviction. Tips can be submitted online anonymously.

Here are some of the most high-profile cybercriminals being sought by the FBI, coincidentally all Russian:

  • Alexsey Belan, worth $100,000. The now 33-year-old has been indicted three times for crimes relating to computer intrusions. He allegedly broke into computer networks of e-commerce companies in Nevada and California and, along with other individuals on the list, compromised at least 500 million Yahoo accounts. Belan was last known to be in Russia, but may travel within Russia, Greece, Latvia, the Maldives and Thailand.
  • Evgeniy Mikhailovich Bogachev, who is believed to be one of the administrators of the GameOver Zeus botnet. This botnet spread a very sophisticated type of malware designed to steal banking and other credentials. Businesses and consumers in the US and around the world suffered financial losses totaling $100 million. In 2015, the FBI put a $3 million reward on his head. Bogachev most likely resides in Russia. He is known to enjoy boating and may travel to locations along the Black Sea.
  • The FBI reward of $3 million was the highest ever until December 2019, when the FBI issued a $5 million reward for the leader of the Evil Corp hacker group, Maksim Viktorovich Yakubets. He is suspected to be involved in the installation of Zeus malware on victim’s computers and for the development and deployment of the Dridex banking trojan virus. His current whereabouts are unknown.

Many of the countries cybercriminals originate from, like Russia, Algeria, Ukraine, China, North Korea, do not have an extradition treaty with the US. This means that they will not turn over a person accused or convicted of a crime. The FBI sometimes has success capturing fugitives as they travel between countries. Unfortunately, this is less likely now that so many borders remain closed because of the Covid-19 pandemic.

IT communication specialist
Sandra has many years of experience in the IT and tech sector as a communication specialist. She's also been co-director of a company specializing in IT, editorial services and communications project management. For VPNoverview.com she follows relevant cybercrime and online privacy developments.