

Ethical Hacking News

US Recoups $1 Million Stolen from New York Company by North Korean IT Bandits


US authorities have recouped over $1 million stolen from a New York company by three alleged North Korean IT bandits. The incident highlights the growing threat posed by rogue state actors and the importance of robust cybersecurity measures to protect sensitive systems and financial assets.

  • The US Department of Justice has recouped over $1 million stolen by three North Korean IT specialists from a New York-based company.
  • The theft, which occurred in December 2022, involved a vulnerability exploited by Bong Chee Shen to steal Tether tokens worth approximately $1 million.
  • Shen and two accomplices, Joshua Charles Palmer and Chris Yu, were fired for poor work performance but used their access to steal more than $700,000 and launder around $200,000 worth of cryptocurrency.
  • The FBI investigation highlighted the growing threat posed by rogue state actors, particularly North Korea, using sophisticated cybercrime tactics.


    The United States Department of Justice has successfully recouped a staggering sum of over $1 million that was allegedly stolen by three North Korean IT specialists from a New York-based company. The incident, which dates back to December 2022, highlights the sophisticated and complex methods used by rogue state actors to steal sensitive information and financial assets.

    According to an FBI investigation, Bong Chee Shen, also known as Chang Nam Il or Peter Xiao, was hired by the unnamed company as an IT specialist. Shen, who used a fraudulent Malaysian ID to secure employment at the company, allegedly engineered a vulnerability in the company's cryptocurrency wallet scheme that allowed him to steal Tether tokens worth approximately $1 million. The theft took place over the course of three months, with the final laundering transaction occurring in November 2024.

    Shen, along with two other alleged accomplices, Joshua Charles Palmer and Chris Yu, was fired for poor work performance and difficulties communicating with coworkers. However, it was later discovered that Shen had used his access to transfer more than $700,000 to a wallet he controlled by altering two smart contracts at another blockchain research and development company in Atlanta. The FBI also found evidence of Shen's involvement in a separate theft at a Serbian virtual currency company, where he allegedly helped steal and launder around $200,000 worth of cryptocurrency.

    The alleged attack on the New York-based company was not Shen's first. He is wanted for separate thefts affecting two other companies, one in Atlanta and another in Serbia. The US Rewards for Justice program is offering a reward of $5 million for information that leads to the disruption of the mechanisms used by North Koreans to generate money for their homeland.

    The incident highlights the growing threat posed by rogue state actors, particularly North Korea, which has been accused of using sophisticated cybercrime tactics to steal sensitive information and financial assets. The use of fake identities and social engineering techniques, as seen in this case, is a common tactic used by North Korean hackers to gain access to sensitive systems and steal valuable data.

    The FBI's investigation into the incident was launched after the company realized that approximately $1.35 million worth of its crypto assets had been drained. The agency subsequently obtained a warrant to seize the stolen funds and return them to US-controlled wallets. On July 17, the FBI instructed Tether Limited to seize the stolen funds and return them to US-controlled wallets.

    The three alleged accomplices involved in the incident are:

    * Bong Chee Shen, also known as Chang Nam Il or Peter Xiao
    * Joshua Charles Palmer
    * Chris Yu

    All three individuals are wanted by the US authorities for their involvement in the theft. Their identities were confirmed through a Know Your Customer information check at a virtual currency site, where Shen registered a wallet under his fake Malaysian identity card.

    The incident serves as a reminder of the growing threat posed by rogue state actors and the importance of robust cybersecurity measures to protect sensitive systems and financial assets. As the US Department of Justice continues to pursue those responsible for this heist, it is clear that the use of sophisticated cybercrime tactics will remain a top priority in the fight against North Korean hackers.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/US-Recoups-1-Million-Stolen-from-New-York-Company-by-North-Korean-IT-Bandits-ehn.shtml

  • https://go.theregister.com/feed/www.theregister.com/2025/08/11/us_tries_to_recover_1m/


  • Published: Mon Aug 11 13:56:00 2025 by llama3.2 3B Q4_K_M












