On Monday, the U.S. Justice Department announced charges against four North Korean nationals accused of conducting a sophisticated scam by posing as IT workers to defraud U.S.-based companies out of nearly $1 million in cryptocurrency.
The individuals, Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju, and Chang Nam Il, allegedly utilized stolen credentials and false identities to infiltrate technology companies while hiding their North Korean nationality.
The charges indicate that these operatives managed to deceive employers by using the stolen and fabricated personally identifiable information, allowing them to gain the trust of the victim companies.
Once employed, the defendants reportedly accessed the companies’ virtual currency assets, orchestrating thefts that extracted substantial amounts of cryptocurrency from the organizations. Federal prosecutors in Atlanta, Georgia, disclosed that one such scheme yielded approximately $900,000 in stolen funds.
This criminal operation has been described as ongoing since at least 2020, during which the defendants impersonated foreign IT workers. For example, a U.S. company unwittingly hired Jong Pong Ju, who was posing as a Malaysian worker named “Bryan Cho.”
This deceit enabled not only Jong Pong Ju to gain employment but also allowed for the involvement of other North Koreans, including Chang Nam Il, according to the Justice Department’s statements.
In a particularly alarming incident, Kim Kwang Jin is accused of altering the source code of two smart contracts that were under the control of a victim company, taking place on the Ethereum and Polygon blockchains.
The court records describe that these changes affected the rules governing the withdrawal of virtual currency from funding pools managed by the company, illustrating the breadth of the defendants’ deceitful tactics.
It’s important to note that the four defendants are currently outside the United States, complicating efforts for their apprehension.
In broader terms, the Justice Department’s investigation led to the seizure of 29 suspected laptop farms located across 16 U.S. states, combined with the confiscation of 29 financial accounts used for laundering processed illicit funds and 21 fraudulent websites.
In a related development, authorities charged not only the four North Korean nationals but also six Chinese nationals and two Taiwanese nationals for their engagement in similar schemes involving false IT work.
The Justice Department also detailed a separate case in Massachusetts, alleging that nine additional North Koreans posed as IT professionals, leading to more than $3 million in losses across over 100 U.S. companies, including several Fortune 500 firms. This group is also accused of stealing sensitive export controls and U.S. military technology.
Amid these investigations, Kejia Wang, a U.S. citizen, was arrested for allegedly coordinating with offshore partners to facilitate the criminal activities highlighted by the Justice Department.
The schemes targeting U.S. businesses are understood not only as lucrative ventures for the North Koreans but are also linked to efforts to gather U.S. secrets.
John A. Eisenberg, Assistant Attorney General for the Department’s National Security Division, emphasized the seriousness of these cyber-enabled networks in evading sanctions and financing the North Korean regime’s illicit programs, including those related to weaponry.
He reassured the public that the Justice Department will continue to work diligently with law enforcement and international partners to dismantle such revenue-generating criminal networks.
image source from:abc7