Us Sanctions Fraud Network Used By North Korean ‘remote It Workers’ To Seek Jobs And Steal Money

The U.S. Treasury has sanctioned an world fraud web utilized by North Korea to infiltrate U.S. companies pinch hackers posing arsenic morganatic occupation seekers, agency officials announced Wednesday.

The sanctions are nan latest action taken by nan U.S. Treasury successful caller months aimed astatine combating North Korean authorities workers from seeking employment astatine American companies utilizing clone identities and documents to use for jobs. Once employed, nan hackers gain a costs from nan company, but besides bargain delicate institution information and extort their employers by demanding a ransom.

In a connection Wednesday, nan Treasury said nan fraud web generated astatine slightest $1 cardinal successful profits for nan North Korean regime, 1 of galore specified schemes that person helped raise billions of dollars successful stolen funds, including cryptocurrency, to money its internationally sanctioned atomic weapons program.

As portion of its latest information of enforcement, nan Treasury sanctioned Vitaliy Sergeyevich Andreyev, a Russian nationalist accused of moving pinch nan North Koreans to facilitate payments to a institution called Chinyong. The Treasury, which sanctioned Chinyong successful 2024, says nan institution employs delegations of fraudulent IT workers based successful Russia and Laos.

The U.S. says Andreyev worked pinch a North Korean consular charismatic based successful Russia called Kim Ung Sun to launder adjacent to $600,000 successful stolen money into cryptocurrency for nan regime.

The Treasury sanctioned Shenyang Geumpungri, a Chinese institution that nan U.S. says besides employs fraudulent IT workers connected behalf of nan North Korean government, arsenic good arsenic Sinjin, different North Korean beforehand institution for nan IT workers’ scheme.

This is nan latest information of sanctions targeting North Korea, arsenic good as nan U.S.-based facilitators who thief support the North Korean’s sprawling money-stealing schemes. North Korea remains highly dedicated to stealing money and converting it into cryptocurrency to skirt nan country’s prohibition connected accessing nan world financial system. 

While nan strategy is not new, North Koreans are progressively effective astatine getting jobs astatine U.S. and different Western companies.

Security researchers successful nan past mates of years began raising nan siren astir nan North Korean IT workers’ schemes. Security patient CrowdStrike says North Korean hackers person infiltrated hundreds of companies successful nan United States unsocial by utilizing clone archiving and deception techniques to summation employment. 

The caller sanctions mean U.S. companies, aliases immoderate institution doing business pinch a U.S. company, are barred from transacting aliases moving pinch those listed by nan Treasury. In practice, nan Treasury rules put nan ineligible responsibility connected hiring companies to guarantee they are not hiring North Koreans aliases different sanctioned individuals by mistake.