3 days ago
US charges North Koreans in plot to defraud more than 100 firms
The North Koreans used stolen identities to gain employment with US companies, according to the indictments. PHOTO: UNSPLASH
US charges North Koreans in plot to defraud more than 100 firms
WASHINGTON – The US Justice Department announced one arrest and charges against nine more people in connection with an alleged scheme in which North Koreans posed as American tech workers to gain lucrative jobs and fund the country's government.
The North Koreans used stolen identities to gain employment with multiple American companies, according to the indictments. They were allegedly helped by people in the US, China, United Arab Emirates and Taiwan, who created fake companies and fraudulent websites to enable the illicit activity, US officials said.
Zhenxing 'Danny' Wang, a US citizen from New Jersey, was arrested for his alleged role in a multiyear fraud operation to obtain remote IT work that gained more than US$5 million (S$6.4 million) in revenue, according to the indictment. Wang, along with fellow defendants from China and Taiwan, also allegedly created shell companies, fake websites and financial accounts in order to help overseas IT workers appear to be affiliated with legitimate American businesses.
An attorney for Wang couldn't immediately be located for comment.
Four North Korean nationals who used fake identities to pose as remote tech workers were also charged with allegedly stealing more than US$900,000 in virtual currency from two companies. After gaining their employers' trust, the North Koreans gained access to their virtual assets, stole the money and then laundered it using a cryptocurrency mixer called Tornado Cash, according to the Justice Department.
'North Korean IT workers defraud American companies and steal the identities of private citizens, all in support of the North Korean regime,' said FBI Assistant Director Brett Leatherman.
The US searched 29 known or suspected laptop farms and seized more than 200 devices that the fake IT workers used to earn income, according to the Justice Department. The authorities also seized 21 websites.
The fraudsters compromised more than 80 Americans' identities in order to get jobs at more than 100 US companies, including 'many' Fortune 500 companies, according to the Justice Department, which didn't identify the companies. Victim companies lost more than US$3 million due to legal fees and computer network remediation costs, the authorities said.
The fake tech workers gained access to sensitive company information and source code, law enforcement officials said, including International Traffic in Arms Regulations, or Itar, data from a California-based defence contractor that develops 'artificial intelligence-powered' technologies. Itar rules are designed to protect US national security secrets.
Thousands of North Korean workers have spent the last several years posing as nationals from other countries while infiltrating companies in the US and around the world in lucrative technical jobs, according to the US government. Such schemes are meant to help the North Korean government gather intelligence and generate money for the country's military, while some IT workers also build their own personal wealth, according to US officials and security experts.
North Korean IT workers increasingly are working to infiltrate European firms by posing as remote freelancers, Google's Threat Intelligence Group said in April. One such worker operating at least 12 personas sought employment with several organisations in the defense and government sectors, providing fake references, according to the report.
A federal court in Missouri indicted 14 North Korean nationals in December, accusing them of involvement in an IT employment operation that generated US$88 million over six years.
The US has also sanctioned numerous organisations that have allegedly helped fuel the North Korean efforts. BLOOMBERG
Join ST's Telegram channel and get the latest breaking news delivered to you.
