The Justice Department has announced coordinated actions against the Democratic People’s Republic of North Korea (DPRK) government’s schemes to fund its regime through remote information technology (IT) work for U.S. companies. These actions include two indictments, an arrest, searches of 29 known or suspected “laptop farms” across 16 states, and the seizure of 29 financial accounts used to launder illicit funds and 21 fraudulent websites.
According to court documents, the schemes involve North Korean individuals fraudulently obtaining employment with U.S. companies as remote IT workers, using stolen and fake identities. The North Korean actors were assisted by individuals in the United States, China, United Arab Emirates, and Taiwan, and successfully obtained employment with more than 100 U.S. companies.
As alleged in court documents, certain U.S.-based individuals enabled one of the schemes by creating front companies and fraudulent websites to promote the bona fides of the remote IT workers, and hosted laptop farms where the remote North Korean IT workers could remote access into U.S. victim company-provided laptop computers. Once employed, the North Korean IT workers received regular salary payments, and they gained access to, and in some cases stole, sensitive employer information such as export controlled U.S. military technology and virtual currency. In another scheme, North Korean IT workers used false or fraudulently obtained identities to gain employment with an Atlanta, Georgia-based blockchain research and development company and stole virtual currency worth approximately over $900,000.
“These schemes target and steal from U.S. companies and are designed to evade sanctions and fund the North Korean regime’s illicit programs, including its weapons programs,” said Assistant Attorney General John A. Eisenberg of the Department’s National Security Division. “The Justice Department, along with our law enforcement, private sector, and international partners, will persistently pursue and dismantle these cyber-enabled revenue generation networks.”
“North Korean IT workers defraud American companies and steal the identities of private citizens, all in support of the North Korean regime,” said Assistant Director Brett Leatherman of FBI’s Cyber Division. “That is why the FBI and our partners continue to work together to disrupt infrastructure, seize revenue, indict overseas IT workers, and arrest their enablers in the United States. Let the actions announced today serve as a warning: if you host laptop farms for the benefit of North Korean actors, law enforcement will be waiting for you.”
“North Korea remains intent on funding its weapons programs by defrauding U.S. companies and exploiting American victims of identity theft, but the FBI is equally intent on disrupting this massive campaign and bringing its perpetrators to justice,” said Assistant Director Roman Rozhavsky of the FBI Counterintelligence Division. “North Korean IT workers posing as U.S. citizens fraudulently obtained employment with American businesses so they could funnel hundreds of millions of dollars to North Korea’s authoritarian regime. The FBI will do everything in our power to defend the homeland and protect Americans from being victimized by the North Korean government, and we ask all U.S. companies that employ remote workers to remain vigilant to this sophisticated threat.”
The original announcement can be found here.
Click Here For The Original Source.
