US government targets North Korea’s illicit IT workforce with new sanctions

The US government announced new sanctions against North Korea related to its army of illicit computer workers who have fraudulently obtained employment to finance the regime’s weapons of mass destruction programs.

North Korea maintains thousands of “highly skilled” IT workers around the world, primarily in China and Russia, who “generate revenue that contributes to its illegal weapons of mass destruction and ballistic missile programs.” according to an announcement from the US Treasury Department. on Tuesday.

These individuals, who in some cases earn more than $300,000 a year, deliberately obfuscate their identities, locations, and nationalities by using stolen identities and forged documentation to apply for jobs with employers located in “richer countries.” They have secretly worked in various positions and industries, including the fields of “business, health and fitness, social media, sports, entertainment, and lifestyle,” the announcement said.

While these individuals tend to be involved in legitimate IT jobs unrelated to malicious cyber activities, primarily cryptocurrency projects, they use virtual currency exchanges and trading platforms to launder illicitly obtained funds to the DPRK, according to the announcement.

The Treasury announced sanctions Tuesday against four entities that employ “thousands” of North Korean computer workers. One of them is the Pyongyang University of Automation, which the Treasury Department described as one of North Korea’s “premier cyber training institutions.” The institution is said to have been training cybercriminals who then work in cyber units linked to the General Reconnaissance Office. (RGB) the country’s main intelligence agency.

The Treasury also sanctioned the Office of Technical Reconnaissance and its 110 Research Center, which lead the DPRK’s development of offensive cyber tactics and tools. The center is also believed to have trained agents of the notorious Lazarus Group, which was linked to the theft of $625 million in cryptocurrency from Ronin, an Ethereum-based sidechain created for the popular game Axie Infinity.

Sanctions were also announced against Chinyong Information Technology Cooperation Company and an individual named King San Man in connection with their IT worker activities.

“Today’s action continues to highlight the extensive illicit operations of DPRK computer and cyber workers, who finance the regime’s illegal weapons of mass destruction and ballistic missile programs,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. .Nelson. “The United States and our partners remain committed to combating the DPRK’s illicit revenue-generating activities and ongoing efforts to steal money from financial institutions, virtual currency exchanges, businesses, and individuals around the world.”

The US government also warned early last year that North Korean-backed hackers were targeting employees of cryptocurrency companies by sending highly targeted phishing emails that would include a job offer well paid to try to lure the victim into downloading a Trojan cryptocurrency application.

Disclaimer: All the content or information on this article is given for only educational purposes.


Scroll to Top