The person at the center of this case
Multiple cryptocurrency exchanges and financial institutions
Cold Case · Open
5 years waiting · since 2020
JON CHANG HYOK
Justice for Multiple cryptocurrency exchanges and financial institutions — the trail went cold in 2020, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1What is Jon Chang Hyok's current location and operational status within North Korea's government hacking apparatus?
🔍
evidence
Lead #2Which specific cryptocurrency exchanges and financial institutions were targeted by the malicious applications he developed?
💡
clue
Lead #3What is the connection between Jon's past travel to China and potential future extradition or capture opportunities?
Jon Chang Hyok is a North Korean state-sponsored hacker allegedly involved in some of the costliest computer intrusions in history as part of the Lazarus Group and APT38 criminal conspiracy. He is accused of developing and distributing malicious cryptocurrency applications that targeted exchanges and companies, stealing currency and virtual assets from numerous victims. A federal arrest warrant was issued in December 2020, but Hyok remains at large in North Korea, making his apprehension and prosecution uncertain.
Case
#1082
United States District Court, Central District of California / Federal Bureau of Investigation
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
👤
person
Lead #4How many co-conspirators in the Lazarus Group and APT38 remain unidentified or at large?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Wire Fraud and Bank Fraud; Conspiracy to Commit Computer-Related Fraud (Computer Intrusion) Caution: Jon Chang Hyok is allegedly a state-sponsored North Korean hacker who is part of an alleged criminal conspiracy responsible for some of the costliest computer intrusions in history. These intrusions caused damage to computer systems of, and stole currency and virtual currency from, numerous victims.
Jon was alleged to be a participant in a wide-ranging criminal conspiracy undertaken by a group of hackers of the North Korean government’s Reconnaissance General Bureau (RGB). The conspiracy comprised North Korean hacking groups that some private cybersecurity researchers have labeled the “Lazarus Group” and Advanced Persistent Threat 38 (APT38).
For his part in the conspiracy, Jon is alleged to have been directly involved in the development and dissemination of malicious cryptocurrency applications targeting numerous cryptocurrency exchanges and other companies. On December 8, 2020, a federal arrest warrant was issued for Jon in the United States District Court, Central District of California, after he was charged with one count of conspiracy to commit wire fraud and bank fraud, and one count of conspiracy to commit computer fraud (computer intrusions).
Remarks: Jon is a North Korean citizen last known to be in North Korea. Jon has traveled to China in the past and has reported a date of birth in 1989.
Timeline of Events
🕵️
2020-12-08
Federal Arrest Warrant Issued
A federal arrest warrant was issued for Jon Chang Hyok in the United States District Court, Central District of California for conspiracy to commit wire fraud, bank fraud, and computer fraud related to computer intrusions.
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:December 8, 2020
Last Updated:April 29, 2026
Leave a comment
Comments
Case Information
Incident:December 8, 2020
Last Updated:April 29, 2026