A $10 million reward is being offered for information leading to the identification or location of malicious hackers working with North Korea to launch cyber attacks on US critical infrastructure.

The offer comes from the US State Department which is understandably eager to disrupt the activities of hacking gangs linked to foreign governments who may have engaged in espionage, cryptocurrency theft, and other malicious activities.

In a tweet announcing the reward, the Rewards for Justice initiative said that up to $10 million was available for information on “North Korean government-linked malicious cyber groups (such as such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group).”

Regular readers of the Tripwire State of Security blog are likely to be all too familiar with the names of some of those hacking groups, who are believed to be responsible for such high profile incidents as the 2014 hack of Sony Pictures, attacks on cryptocurrency exchanges, and the Bangladesh Bank cyberheist.

North Korea has also been publicly named by the US and UK governments as being responsible for the notorious WannaCry malware attack.

Understanding that those with information about North Korean-linked hackers may be nervous about sharing what they know, Rewards for Justice has set up a dark web secure tips-reporting line that is accessible via Tor.

In addition, the initiative dangles the possibility that “relocation and rewards payments by cryptocurrency may be available to eligible sources.”

In short, the United States is saying that if you help them, they won’t necessarily be sending you a big fat cheque which might raise eyebrows when you try to pay it into the bank. And, furthermore, if you need an even higher level of protection, they may even help you start a new life that (hopefully) will be far beyond the reaches (Read more...)