The person at the center of this case
Multiple financial institutions and cryptocurrency platforms
Cold Case · Open
5 years waiting · since 2020
KIM IL
Justice for Multiple financial institutions and cryptocurrency platforms — the trail went cold in 2020, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1What is Kim Il's current location and operational status within North Korea's Reconnaissance General Bureau?
🔍
evidence
Lead #2What specific malicious cryptocurrency applications did Kim develop and disseminate?
👤
person
Lead #3How is Kim Il connected to other members of the Lazarus Group and APT38?
Kim Il is a North Korean state-sponsored hacker allegedly involved in some of the costliest computer intrusions in history as part of the Lazarus Group and APT38 conspiracy. The intrusions targeted financial institutions and cryptocurrency platforms, resulting in significant theft of currency and virtual assets. Despite a federal arrest warrant issued in December 2020, Kim remains at large in North Korea, making his apprehension and prosecution uncertain.
Case
#976
United States District Court, Central District of California; Federal Bureau of Investigation
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
💡
clue
Lead #4What financial institutions and cryptocurrency platforms were targeted in the conspiracy?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Wire Fraud and Bank Fraud; Conspiracy to Commit Computer-Related Fraud (Computer Intrusion) Caution: Kim Il is allegedly a state-sponsored North Korean hacker who is part of an alleged criminal conspiracy responsible for some of the costliest computer intrusions in history. These intrusions caused damage to computer systems of, and stole currency and virtual currency from, numerous victims.
Kim was alleged to be a participant in a wide-ranging criminal conspiracy undertaken by a group of hackers of the North Korean government’s Reconnaissance General Bureau (RGB). The conspiracy comprised North Korean hacking groups that some private cybersecurity researchers have labeled the “Lazarus Group” and Advanced Persistent Threat 38 (APT38).
For his part in the conspiracy, Kim is alleged to have been directly involved in the development and dissemination of a malicious cryptocurrency application, in cyber-enabled heists from financial institutions, and in the Marine Chain initial coin offering. On December 8, 2020, a federal arrest warrant was issued for Kim in the United States District Court, Central District of California, after he was charged with one count of conspiracy to commit wire fraud and bank fraud, and one count of conspiracy to commit computer fraud (computer intrusions).
Remarks: Kim is a North Korean citizen last known to be in North Korea. Kim has traveled to Singapore and Russia in the past and has reported a date of birth in 1994.
Timeline of Events
🕵️
2020-12-08
Federal Arrest Warrant Issued
A federal arrest warrant was issued for Kim Il in the United States District Court, Central District of California, charging him with conspiracy to commit wire fraud and bank fraud, and conspiracy to commit computer fraud.
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:December 8, 2020
Last Updated:June 15, 2026
Leave a comment
Comments
Case Information
Incident:December 8, 2020
Last Updated:June 15, 2026