U.S. Treasury Sanctions North Korean IT Worker Scheme: Uncovering $600K in Cryptocurrency Transfers and Over $1 Million in Profits

ByAdmin

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced new sanctions against two individuals and two entities involved in a North Korean remote information technology (IT) worker scheme that generates illicit revenue for the regime’s weapons of mass destruction and ballistic missile programs. Under Secretary of the Treasury for Terrorism and Financial Intelligence John K. Hurley stated that the North Korean regime continues to target American businesses through fraud schemes involving overseas IT workers who steal data and demand ransom. The individuals targeted include Vitaliy Sergeyevich Andreyev, Kim Ung Sun, Shenyang Geumpungri Network Technology Co., Ltd, and Korea Sinjin Trading Corporation. This latest action expands upon sanctions imposed against Chinyong Information Technology Cooperation Company in May 2023.

Chinyong is identified as one of many IT companies deploying workers for freelance IT tasks and cryptocurrency theft, with offices in China, Laos, and Russia. The ongoing IT worker threat, tracked under various names such as Famous Chollima and Wagemole, is believed to be linked to the Workers’ Party of Korea. The scheme involves embedding North Korean IT workers in legitimate companies, using fraudulent documents and stolen identities to secure employment. A recent report by Anthropic highlighted the heavy reliance of these actors on artificial intelligence (AI) tools like Claude to create convincing professional profiles and deliver technical work. Despite their dependency on AI for basic functions, these operators have managed to maintain employment at Fortune 500 companies, successfully passing technical interviews and meeting employer expectations. 

Categories: Sanctions, Cybercrime, North Korean Illicit Activities 

Tags: Sanctions, North Korea, IT Workers, Illicit Revenue, Weapons of Mass Destruction, Fraud Schemes, Cryptocurrency Theft, Malware, Artificial Intelligence, Employment Fraud 

Leave a Reply

Your email address will not be published. Required fields are marked *