Rim, who was charged with conspiracy and conspiracy to launder money, is still in North Korea, senior law enforcement officials said — meaning he is unlikely to be arrested anytime soon. U.S. officials have offered a $10 million reward for information leading to his capture.
Officials say the Rim case is just the latest example of a kind of hybrid crime model that North Korea uses to engage in espionage — conducting for-profit cyberattacks and using the money from those crimes to fund further hacking and data thefts from sensitive targets that could help North Korea’s military and nuclear ambitions.
In the ransomware scheme, Rim allegedly encrypted files on the computers of a Kansas hospital, among other businesses, and then demanded large payments so the organizations could regain control of their files.
That ransom money, in turn, “funded the Conspirators’ computer intrusions into government agencies, military bases, and companies supporting the military, including with missile, aerospace, and uranium processing technology,” an indictment filed Wednesday in Kansas charges.
In February 2022, Rim and his co-conspirators were able to gain and retain access “for more than three months to NASA’s computer system, specifically the portal for its Office of Inspector General, and extracted over seventeen gigabytes of unclassified data,” according to the indictment.
U.S. authorities allege that Rim and his associates also hacked into Randolph Air Force Base in Texas, Robins Air Force Base in Georgia, and defense companies in the United States and South Korea.
U.S. officials said they have seized dozens of accounts used in the alleged scheme, which together held more than $600,000 in virtual currency. That money will be returned to victims, law enforcement officials said.
