The U.S. Treasury Department has imposed sanctions on an international fraud ring that North Korea used to infiltrate U.S. companies by using hackers posing as IT professionals looking for remote work, earning them about $1 million.
The U.S. Treasury Department has imposed sanctions on an international fraud ring that North Korea used to infiltrate U.S. companies by using hackers posing as IT professionals looking for remote work, earning them about $1 million.
This spring, there were reports of North Korean «IT specialists» hijacking foreigners’ LinkedIn, Fiverr, and Upwork accounts to work for foreign companies on their behalf. In parallel, they collected data and even demanded ransoms from their American employers to get money for the North Korean budget.
The US Treasury Department noted that this was one of many similar schemes that helped raise billions of dollars in stolen funds, including cryptocurrency, to finance an internationally sanctioned nuclear weapons program.
According to TechCrunch, in addition to sanctions on the scammers themselves, Russian citizen Vitaly Sergeyevich Andreev was also targeted, accused of working with North Koreans and facilitating payments to a company called Chinyong. The U.S. Treasury Department imposed sanctions on Chinyong in 2024, alleging that the company employs delegations of fake IT workers based in Russia and Laos.
The US believes that Andreev collaborated with North Korean official Kim Ung-sung from the consulate in Russia to launder about $600,000 of stolen money into cryptocurrency for the North Korean regime.
The Treasury Department also imposed sanctions on Shenyang Geumpungri, a Chinese company that the U.S. says hires fake IT workers on behalf of the North Korean government; and Sinjin, another North Korean front company for an IT worker scheme.
The new sanctions prohibit American companies, or any companies that do business with them, from doing business with sanctioned entities.
It is noted that North Korea is still actively engaged in stealing money and converting it into cryptocurrency to circumvent the country’s ban on access to the global financial system. While this scheme is not new, North Koreans are increasingly effective at obtaining jobs in American and other Western companies.
According to cybersecurity company CrowdStrike, North Korean hackers have infiltrated hundreds of companies in the U.S. alone using deception and fake documents. Previously, CrowdStrike Senior Vice President Adam Meyers shared a question to ask in an interview to check if a candidate is a hacker from North Korea .
