Two Chinese citizens face United States federal charges for laundering over US$100 million in stolen crypto currency,
The two are 33-year-old Li Jiadong of Anshan in Liaoning province and 34-year-old Tian Yinyin of Nanjing, Jiangsu.
Along with the the Department of Justice charges, they have been named and designated by the United States Treasury's Office of Foreign Asset Control for laundering crypto-currency believed to be stolen from exchanges by the North Korean government controlled Lazarus Group.
Advanced persistent threat Lazarus Group is said by the US Treasury to have sent Tian and Li US$91 million stolen from a crypto currency exchange in an April 2018 hack, and US$9.5 million taken from another exchange at an unspecified date.
The US Treasury did not name either exchange but said the April 2018 hack resulted in a total of US$250 million being stolen, amounting to nearly half of North Korea's crypto currency heists that year.
Lazarus Group gained access to private keys for crypto currency wallets by emailing exchange staffers malware that compromised their computers.
The hackers set up a company and a website that offered the Lazarus Group developed and deployed the now defunct crypto currency application called Celas Trade Pro which contained malware, for the phishing attack.
After the stolen crypto currency was "layered" or mixed, it was sent to four different exchanges.
Of the funds received by Tian and Li, over US$34 million was moved to a Chinese bank account held by the former.
Tian also laundered almost US$1.4 million in Bitcoin by using prepaid Apple iTunes gift cards.
Certain crypto currency exchanges accept iTunes gift cards as payment for Bitcoin purchases, the US Treasury said.
Lazarus Group is believed to be under control of North Korea's main intelligence agency, the Reconnaisance General Bureau.
An August 2019 United Nations Security Council report estimated that North Korea had attempted to steal as much as US$2 billion from financial institutions and crypto currency exchanges.
Of that, US$571 million was attributed to crypto currency theft.
North Korea uses the stolen funds to support its illegal ballistic missile and nuclear weapons programs but some of money was used to improve the country's hacking infrastructure as well, the DoJ said.
Any person or organisation dealing with Tian and Li could themselves face US sanctions.
Citing concerns over money laundering and illicit financing, the US government in June 2019 required all other countries to regulate and supervise crypto currency exchanges.
