The person at the center of this case
Multiple financial institutions and cryptocurrency victims
Cold Case · Open
5 years waiting · since 2020
KIM IL
Justice for Multiple financial institutions and cryptocurrency victims — the trail went cold in 2020, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1What is Kim Il's current location and operational status within North Korea's Reconnaissance General Bureau (RGB)?
🔍
evidence
Lead #2What specific malicious cryptocurrency applications and code did Kim Il develop and disseminate?
💡
clue
Lead #3How can investigators track Kim Il's past travel patterns to Singapore and Russia to identify potential safe houses or operational bases?
Kim Il is a North Korean state-sponsored hacker allegedly involved in some of the costliest computer intrusions in history as part of the Lazarus Group and APT38 criminal conspiracy. The conspiracy stole currency and virtual currency from numerous victims through malicious applications, cyber-enabled heists, and fraudulent schemes including the Marine Chain initial coin offering. Kim remains at large in North Korea, and investigators seek to understand the full scope of his involvement and track his potential movements or future cyber operations.
Case
#976
United States District Court, Central District of California; Federal Bureau of Investigation
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
📞
contact
Lead #4What communications or digital signatures can link Kim Il to specific cyber intrusions and financial crimes?
👤
person
Lead #5Who are Kim Il's known associates and collaborators within the Lazarus Group and APT38 networks?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Wire Fraud and Bank Fraud; Conspiracy to Commit Computer-Related Fraud (Computer Intrusion) Caution: Kim Il is allegedly a state-sponsored North Korean hacker who is part of an alleged criminal conspiracy responsible for some of the costliest computer intrusions in history. These intrusions caused damage to computer systems of, and stole currency and virtual currency from, numerous victims.
Kim was alleged to be a participant in a wide-ranging criminal conspiracy undertaken by a group of hackers of the North Korean government’s Reconnaissance General Bureau (RGB). The conspiracy comprised North Korean hacking groups that some private cybersecurity researchers have labeled the “Lazarus Group” and Advanced Persistent Threat 38 (APT38).
For his part in the conspiracy, Kim is alleged to have been directly involved in the development and dissemination of a malicious cryptocurrency application, in cyber-enabled heists from financial institutions, and in the Marine Chain initial coin offering. On December 8, 2020, a federal arrest warrant was issued for Kim in the United States District Court, Central District of California, after he was charged with one count of conspiracy to commit wire fraud and bank fraud, and one count of conspiracy to commit computer fraud (computer intrusions).
Remarks: Kim is a North Korean citizen last known to be in North Korea. Kim has traveled to Singapore and Russia in the past and has reported a date of birth in 1994.
Timeline of Events
🕵️
2020-12-08
Federal arrest warrant issued
A federal arrest warrant was issued for Kim Il in the United States District Court, Central District of California, charging him with conspiracy to commit wire fraud and bank fraud, and conspiracy to commit computer fraud (computer intrusions).
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:December 8, 2020
Last Updated:April 29, 2026
Leave a comment
Comments
Case Information
Incident:December 8, 2020
Last Updated:April 29, 2026