DOJ Seeks $7.7 Million Forfeiture in Crypto From North Korean Hackers Masquerading as IT Workers

US Ministry of Justice last week filed for civilian subtraction For $ 7.74 million cryptocurrencies, which are North Korean and IT workers who have falsely received employment with companies in the USA abroad.

The US government seized funds as part of an operation against the North Korean scheme to avoid sanctions, with Authorities accusing the North Korean representative of a bank of external tradeSim Hyon Sop, regarding the scheme in April 2023.

According to the Doy, North Korean IT workers have acquired employment in US crypto companies using false or falsely obtained identities, before washing their revenues through SIM in favor of the Pyongyang regime.

A complaint for deprivation also describes in detail that IT workers are arranged in various locations around the world, including China, Russia and Laos.

Hiding their true identity and locations, workers were able to provide employment with blockchain companies, which mostly paid them in stabiblecoins –USDC or Pendant.

“For years, North Korea has exploited global remote contracting and ecosystems of cryptocurrencies to avoid US sanctions and bankrupt her weapons programs,” said Sue J. Bai, head of the Day National Security Department.

The Ministry of Justice also reports that IT workers have used several methods to wash their false revenue, including the installation of an account exchanging with fictional ID, making more small transfers, converting from one token to another, buying NFT -Ai mixing their funds.

After being allegedly made, the funds were then sent to the North Korean government through SIM Hyon Sop Kim Sang Man, the executive director of the company operating at the North Korea Ministry of Defense.

Defendant’s impression Sim Hyon Sop On two separate accusations in April 2023, including conspiracy with North Korea workers to make income with false employment and, secondly, conspiracy with OTC crypto merchants to use falsely generated revenue for the purchase of goods for North Korea.

Field Office FBI Chicago and FBI -s’s Virtual Property Unit are Cases research Related to a subtraction complaint, which he filed with the US District Court for Columbia District.

“The FBI investigation has discovered a mass campaign of North Korean IT workers to frame US companies by receiving employment by using stolen identities of US citizens, all so that the North Korean government can avoid US sanctions and generate revenue for its authoritarian regime,” said Roman Rozhavsky, Assistant FBI.

Although the accurate scope of the false North Korean, it is not fully established, most experts agree that the problem is becoming more significant.

An increasing threat in North Korea

“The threat represented by the North Korean IT workers representing legitimate remote employees is significantly increasing – and fast,” explains the head of the National Security Lanak Intelligence Andrew Fierman, saying Decipher.

As a proof of how the threat has become “industrialized and sophisticated”, Fierman cites an example An indictment of the Doj -a of 14 North Korean nationalswho allegedly also acted under false IDs and made $ 88 million through a six-year scheme.

“Although it is difficult to recharge the exact percentage of illegal cyber income North Korea to false IT work, it is clear from government assessment and research of cyber security security that this method has developed into a reliable flow of revenue for the regime – especially in pair with spy and tracking goals,” he says.

Other safety experts agree that the threat of illegal North Korean IT employees is becoming more and more widespread, with Michael Barnhart – Director I3 Insider Investigator in DTEX Systems – says Decipher that their tactics become more sophisticated.

“These operatives are not only a potential threat, but actively embedded in organizations, with already threatened critical infrastructure and global supply chains,” he says.

Barnhart also reports that the actors of the North Korean threats even began to establish a “front Company that represent as reliable third parties” or are installed in a legitimate third party that may not use the same strict protective measures as other, larger organizations.

Interestingly, Barnhart estimates that North Korea can generate hundreds of millions of revenue every year from the false IT -A that any recorded data or sum will be underlined.

“The saying” You don’t know what you don’t know “comes to the game, because every day a new scheme is revealed to make money,” he explains. “In addition, much of the income is misleading to look like the elements of cyber criminal gangs or completely legitimate seemingly seemingly effort, which confuses the overall attribution.”

While the deprivation statement on Thursday indicates that the US government manages to get more business in North Korea, the increasing sophistication of the latter suggests that the US and international authorities will continue to play for some time.

As Andrew Fierman says, “what is particularly related to how much these workers can remove: exploiting a generative AI for false persons, deepfake tools for interviews, and even support systems for the passage of technical examinations.”

In April, Discovered by Google’s Invisional Threat Group That the North Korean actors have spread outside the United States to infiltrate the projects of the Crypto Currency in the UK, Germany, Portugal and Serbia.

This included projects that develop blockchain markets, AI web applications and smart Solan contracts, and the UK presidents and the US help operatives to bypass the IDs receive payments via Transferwise and Payoneer.

Edited Stacy Elliott.