US Targets Huione Group Over North Korean Crypto Crimes and Money Laundering

The U.S. Treasury Department has proposed cutting off Cambodia-based Huione Group from the U.S. financial system due to its involvement in cybercrime and money laundering activities tied to North Korea and global criminal networks. The move, announced by the Financial Crimes Enforcement Network (FinCEN), would invoke Section 311 of the USA PATRIOT Act — a powerful measure used to isolate foreign entities considered threats to the international financial system.

According to FinCEN, the Telegram-based Huione operation has been a central hub for laundering proceeds from cyber heists, including crypto scams known as "pig butchering," where fraudsters build fake romantic relationships to steal digital assets. Huione is also accused of providing personal data services and facilitating money laundering for illicit actors, including the notorious North Korean hacking group Lazarus.

Blockchain analytics firm Elliptic estimates that Huione has handled approximately $24 billion in suspicious transactions. Earlier this year, the group reportedly launched its own stablecoin, further raising concerns among regulators.

U.S. Treasury Secretary Scott Bessent emphasized the group's role in enabling malicious activity: “Huione Group has become the marketplace of choice for cybercriminals, including North Korea’s regime, who have stolen billions from ordinary Americans.”

In 2024, Huione Pay, based in Phnom Penh, allegedly received over $150,000 in crypto from a wallet linked to the Lazarus Group. U.S. officials believe these stolen funds are used to support North Korean state projects, including weapons development.

The proposal to blacklist Huione from the U.S. financial system signals an aggressive stance against crypto-enabled cybercrime and underscores Washington's increasing efforts to combat digital asset abuse by rogue states and organized crime.