The U.S. government on Thursday charged and sanctioned a North Korean man in the 2017 global WannaCry ransomware cyberattack and the 2014 cyberassault on Sony.
The charges also alleged that the North Korean hacker broke into the central bank of Bangladesh in 2016, according to a criminal complaint.
Park Jin Hyok worked as part of a team of hackers, also known as the Lazarus Group, to try to breach multiple other U.S. businesses, according to the complaint. In 2016 and 2017, Park's targets included defense contractor Lockheed Martin. The complaint said there was no evidence Lockheed was breached.
The U.S. Treasury Department has imposed sanctions against Park and the Chinese-based front company he worked for, Chosun Expo.
In 2014, U.S. officials said unnamed North Korean hackers were responsible for a major cyber intrusion into Sony, which resulted in leaked internal documents and data being destroyed.
Park used a series of online personas for social media platforms, including on Facebook and Twitter, to send malicious links to individuals involved in the production of "The Interview," the complaint said. The malicious links carried North Korean-controlled malware.
In November 2014, Park allegedly launched the same style social media-focused attack against employees of AMC Theatres. The movie theater chain in some cases delayed or canceled screenings of "The Interview" nationwide. The complaint said there was no evidence AMC Theatres was breached.
Last year, the WannaCry ransomware attack affected thousands of businesses across the globe through a computer virus that encrypted files on affected systems, including Britain's National Health Service, where nonfunctional computer systems forced the cancellation of thousands of appointments.
A senior Justice Department official said a criminal investigation into Park and his accomplices was still ongoing. There has been no communication between the U.S. and North Korean government about a possible extradition, the official said.