N. Korean IT workers fraudulently landed jobs at over 100 US firms: DOJ
The department said Monday that the orchestrated operation was part of a broader effort by the Kim Jong-un regime to funnel illicit revenue through fake employment, with help from enablers in the US, China, the United Arab Emirates and Taiwan.
The Justice Department disclosed two indictments along with the outcome of sweeping investigations: the arrest of US national Zhenxing 'Danny' Wang of New Jersey and searches of 29 known or suspected 'laptop farms' across 16 US states. Laptop farms are physical locations where multiple devices are maintained and operated to create the illusion that remote workers are based in a specific geographic location.
The department said investigators also seized 29 financial accounts holding tens of thousands of dollars, which were used to launder revenue for the North Korean regime through the remote information technology work scheme.
According to one indictment, North Korean IT workers and overseas co-conspirator facilitators based in New Jersey, New York, California and abroad perpetrated a coordinated multiyear fraud scheme that generated over $5 million by obtaining remote IT jobs at US companies.
"While some North Korean IT workers operate from cities inside North Korea, many work in China in cities near the North Korean border, including Dandong and Shenyang," the indictment read.
"The conspiracy perpetuated a massive fraud that impacts US companies in multiple industries across much of the United States, including Massachusetts, California, New York, New Jersey, Florida, New Mexico, Georgia, Maryland, Alabama, North Carolina, Illinois, Ohio, South Carolina, Michigan, Texas, Indiana, Arkansas, Missouri, Tennessee, Minnesota, Rhode Island, Wisconsin, Oregon, Pennsylvania, Washington, Utah, Colorado and the District of Columbia," the indictment added.
From around 2021 to October 2024, North Korean IT workers and their co-conspirators compromised the identities of more than 80 US citizens to obtain remote jobs at over 100 companies, including many Fortune 500 firms. Their actions caused the related companies to incur at least $3 million in legal fees, network remediation costs and other damages.
Once hired, North Korean IT workers received regular salaries and, in some cases, accessed or stole sensitive company information, including export-controlled US military technology.
For instance, North Korean IT workers employed under the illegal scheme also gained access to sensitive employer data and source code, including US military technology, from a California-based defense contractor that develops artificial intelligence-powered equipment and technologies.
According to the indictment, a North Korean worker remotely accessed the company's laptop and computer files without authorization between Jan. 19 and April 2, 2024. The sensitive documents and files — many of which related to US military technology controlled under the US State Department's International Traffic in Arms Regulations — were compromised.
Another indictment revealed that North Korean IT workers used false or fraudulently obtained identities to seek employment with a blockchain research and development company in Atlanta and a virtual token company based in Serbia.
Four North Korean nationals — Kim Kwang-jin, Kang Tae-bok, Jong Pong-ju and Chang Nam-il — were charged with stealing virtual currency worth over $900,000 from the two companies and laundering the proceeds.
According to the indictment, the defendants, who are still at large and wanted by the FBI, traveled to the United Arab Emirates using North Korean travel passports and worked as a co-located team.
'The threat posed by DPRK operatives is both real and immediate,' Leah Foley, US attorney for the District of Massachusetts, said Monday, referring to North Korea by the acronym of its official name. "Thousands of North Korean cyber operatives have been trained and deployed by the regime to blend into the global digital workforce and systematically target US companies."
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Korea Herald
2 days ago
- Korea Herald
N. Korean IT workers fraudulently landed jobs at over 100 US firms: DOJ
North Korean tech workers stole the identities of more than 80 US citizens to illegally obtain remote jobs at over 100 American companies — including many Fortune 500 firms — and stole sensitive information such as US military technology, according to the US Justice Department. The department said Monday that the orchestrated operation was part of a broader effort by the Kim Jong-un regime to funnel illicit revenue through fake employment, with help from enablers in the US, China, the United Arab Emirates and Taiwan. The Justice Department disclosed two indictments along with the outcome of sweeping investigations: the arrest of US national Zhenxing 'Danny' Wang of New Jersey and searches of 29 known or suspected 'laptop farms' across 16 US states. Laptop farms are physical locations where multiple devices are maintained and operated to create the illusion that remote workers are based in a specific geographic location. The department said investigators also seized 29 financial accounts holding tens of thousands of dollars, which were used to launder revenue for the North Korean regime through the remote information technology work scheme. According to one indictment, North Korean IT workers and overseas co-conspirator facilitators based in New Jersey, New York, California and abroad perpetrated a coordinated multiyear fraud scheme that generated over $5 million by obtaining remote IT jobs at US companies. "While some North Korean IT workers operate from cities inside North Korea, many work in China in cities near the North Korean border, including Dandong and Shenyang," the indictment read. "The conspiracy perpetuated a massive fraud that impacts US companies in multiple industries across much of the United States, including Massachusetts, California, New York, New Jersey, Florida, New Mexico, Georgia, Maryland, Alabama, North Carolina, Illinois, Ohio, South Carolina, Michigan, Texas, Indiana, Arkansas, Missouri, Tennessee, Minnesota, Rhode Island, Wisconsin, Oregon, Pennsylvania, Washington, Utah, Colorado and the District of Columbia," the indictment added. From around 2021 to October 2024, North Korean IT workers and their co-conspirators compromised the identities of more than 80 US citizens to obtain remote jobs at over 100 companies, including many Fortune 500 firms. Their actions caused the related companies to incur at least $3 million in legal fees, network remediation costs and other damages. Once hired, North Korean IT workers received regular salaries and, in some cases, accessed or stole sensitive company information, including export-controlled US military technology. For instance, North Korean IT workers employed under the illegal scheme also gained access to sensitive employer data and source code, including US military technology, from a California-based defense contractor that develops artificial intelligence-powered equipment and technologies. According to the indictment, a North Korean worker remotely accessed the company's laptop and computer files without authorization between Jan. 19 and April 2, 2024. The sensitive documents and files — many of which related to US military technology controlled under the US State Department's International Traffic in Arms Regulations — were compromised. Another indictment revealed that North Korean IT workers used false or fraudulently obtained identities to seek employment with a blockchain research and development company in Atlanta and a virtual token company based in Serbia. Four North Korean nationals — Kim Kwang-jin, Kang Tae-bok, Jong Pong-ju and Chang Nam-il — were charged with stealing virtual currency worth over $900,000 from the two companies and laundering the proceeds. According to the indictment, the defendants, who are still at large and wanted by the FBI, traveled to the United Arab Emirates using North Korean travel passports and worked as a co-located team. 'The threat posed by DPRK operatives is both real and immediate,' Leah Foley, US attorney for the District of Massachusetts, said Monday, referring to North Korea by the acronym of its official name. "Thousands of North Korean cyber operatives have been trained and deployed by the regime to blend into the global digital workforce and systematically target US companies."
Korea Herald
4 days ago
- Korea Herald
Trump says 'not going to stand' for Netanyahu's continued prosecution
WASHINGTON (AFP) -- President Donald Trump said Saturday the US was "not going to stand" for the continued prosecution of Israeli Prime Minister Benjamin Netanyahu on corruption charges. "The United States of America spends Billions of Dollar a year, far more than on any other Nation, protecting and supporting Israel. We are not going to stand for this," Trump posted on his Truth Social platform. An Israeli court on Friday rejected Netanyahu's request to postpone giving testimony in his corruption trial, ruling that he had not provided adequate justification for his request. In one case, Netanyahu and his wife Sara are accused of accepting more than $260,000 worth of luxury goods such as cigars, jewelry and champagne from billionaires in exchange for political favors. In two other cases, Netanyahu is accused of attempting to negotiate more favorable coverage from two Israeli media outlets. Netanyahu has denied any wrongdoing and has thanked Trump for his support in Israel's war with Iran, which saw a ceasefire agreement. His lawyer had asked the court to excuse the leader from hearings over the next two weeks, saying he needs to concentrate on "security issues." Trump on Wednesday sprung to Netanyahu's defense, describing the case against him as a "witch hunt." On Saturday, he described Netanyahu as a "War Hero" and said the case would distract the prime minister from negotiations with Iran and with Hamas, the Gaza-based Palestinian armed group that Israel is at war with. "This travesty of 'Justice' will interfere with both Iran and Hamas negotiations," said Trump, although it was unclear what negotiations he was referring to with regards to Iran. Hamas took 251 hostages during its Oct. 7, 2023, attack on Israel, with 49 still believed to be held in Gaza, including 27 the Israeli military says are dead. Negotiations are ongoing for the return of the remaining hostages and the bodies of those killed, while Israel's punishing war on Gaza continues unabated. The US leader also likened Netanyahu's legal troubles to his own before he took office for his second term. "It is a POLITICAL WITCH HUNT, very similar to the Witch Hunt that I was forced to endure," said Trump. The Republican was convicted on 34 counts of falsifying business records in May 2024 in a case related to hush money payments to a porn star. Trump also faced two federal cases, one related to his alleged efforts to overturn the results of the 2020 presidential election, which he lost to Democrat Joe Biden.
Korea Herald
6 days ago
- Korea Herald
Six Americans caught trying to send bottles to North Korea
Six American nationals were caught early Friday in Ganghwa-gun, Incheon, while attempting to send plastic bottles filled with rice, $1 bills and Bibles to North Korea. The group, ranging in age from their 20s to 50s, allegedly tried to launch about 1,300 bottles into the sea at around 1 a.m. on Friday, according to South Korean police. The South Korean military, which had been monitoring the coastline using surveillance cameras, spotted the group and reported them to police. The group was caught before putting the bottles in the ocean. 'Since the Americans are not fluent in Korean, we'll be assigning a translator to assist with a more thorough investigation,' police said. Sending materials to North Korea from Ganghwa-gun has been banned since Nov. 1 of last year, under an administrative order issued due to safety concerns and complaints from local residents. People in the area have voiced concerns about noise and the risk of retaliation from the North. This is not the first attempt to send items across the border since the ban was imposed. On Nov. 3 last year, a man was caught trying to send 121 plastic bottles filled with rice. Police said he had planned to use the ocean tide to carry them to the North. At the time, the man told police that he "came up with the plan after hearing that North Korean residents were starving due to a lack of rice."
