Latest news with #RomanRozhavsky
Time of India
a day ago
- Business
- Time of India
US cracks down on North Korean-backed fraud ring that netted millions in crypto and cash
The US government announced a big crackdown on an international fraud ring linked to North Korea, involving North Korean IT workers and other conspirators. More than a dozen people were named in two new indictments, including a man from New Jersey called Zhenxing 'Danny' Wang. The fraud ring made over $5 million illegally and took hundreds of thousands in fees from US conspirators. Four North Korean nationals were charged for stealing nearly $1 million in cryptocurrency in a separate indictment, as per reports. Authorities searched 29 'laptop farms', places where laptops were used for the scam, in 16 US states and seized 29 financial accounts used to launder money and crypto. The scheme involved stealing identities of over 80 Americans and getting fake remote jobs at more than 100 companies, including many big Fortune 500 firms, as per the report by Fortune. North Korean IT workers traveled to the United Arab Emirates, used stolen IDs to pose as remote workers, got jobs at American companies, and stole digital currency to help fund North Korea's nuclear weapons program. The fraud evolved from using fake IDs to creating American front companies that helped hide the North Korean workers' true identity and made the scheme look real. These front companies received laptops sent by US companies for remote workers. The laptops were hosted at 'laptop farms' to let North Korean workers access them remotely, as per the report by Fortune. Live Events The stolen money was sent to North Korea's leadership to support their weapons and missile programs. FBI Assistant Director Roman Rozhavsky said North Korea uses fraud and identity theft to fund its weapons programs, but the FBI is working hard to stop them. Thousands of trained North Korean IT workers are spread worldwide, tricking companies into hiring them remotely to steal money and gather intelligence. The UN estimates this scheme earns North Korea between $200 million and $600 million yearly, not counting crypto theft which could be billions, as mentioned by Fortune report. Fake companies, real damage US Attorney Theodore Hertzberg said these charges warn the public about dangers from state-sponsored cybercriminals and urged companies to carefully check remote workers. Hertzberg advised companies to hire Americans and verify employees thoroughly, preferably in person, especially in the virtual currency space. Zhenxing 'Danny' Wang founded a fake software company called Independent Lab. Laptops were sent to him at his home where he installed remote software for North Korean workers overseas to use. Wang collected payment from US companies and sent the money to overseas conspirators. ALSO READ: Lady Gaga a no-show at Jeff Bezos wedding after reported clash over multi-million dollar fee Other accomplices included people in New York, California, and even an active-duty US military member, hosting laptop farms for money. The fraud caused at least four big companies to lose $100,000 or more each. The fraud also involved a California defense contractor from which sensitive military tech documents were stolen, as per the Fortune report. The fraud affected companies in many states across the US, including California, Massachusetts, New York, New Jersey, Florida, Georgia, and more. Security expert Michael Barnhart said the arrests show North Korean IT workers don't just steal money but can also harm national security by accessing trusted company networks. Barnhart warned companies to rethink hiring processes to avoid such threats. Assistant Attorney General John Eisenberg said the Justice Department will keep fighting these cyber-enabled networks to stop North Korea's illicit programs. The second indictment described four North Korean IT workers who used fake IDs to get jobs at US companies in Atlanta and stole nearly $1 million in crypto, according to the report by Fortune. Stolen crypto and cover-up tricks They laundered the stolen crypto to hide its origin before sending it to North Korea. One worker, Kim Kwang Jim, used a fake Portuguese ID to get hired and then stole millions of crypto tokens by changing the company's smart contract code. Kim tried to excuse the theft by blaming a 'github refactor' but was accused via Telegram messages by the company founder. Another worker, Jong Pong Ju, used the fake name 'Bryan Cho' to get hired and stole crypto worth about $175,000. Jong helped hire another fake employee called 'Peter Xiao,' who was really another defendant, as stated by Fortune report. Jong sent a video using a fake Malaysian driver's license to prove his fake identity to the company and gained more access. After stealing crypto, Jong said he 'accidentally dropped the private key' in a public file on Github, as a cover story. The stolen crypto was laundered using a crypto mixer called Tornado Cash, which hides the money's trail. Kang Tae Bok, another defendant, opened accounts with fake IDs to receive the mixed crypto funds. The FBI will soon release a new 'Wanted' poster for these defendants. Tornado Cash and Wang did not respond to requests for comments, as per the Fortune report. US Attorney Hertzberg said the case shows the danger North Korea poses by using fake remote workers and that the US will prosecute anyone stealing from American companies. FAQs Q1. How did North Korean hackers steal millions from US companies? They used fake identities and front companies to get remote jobs and stole money and cryptocurrency. Q2. What is the US doing to stop North Korean fraud schemes? The US government is arresting suspects, shutting down fake companies, and warning businesses to check remote workers carefully. Economic Times WhatsApp channel )
ABC News
2 days ago
- Business
- ABC News
FBI says it dismantled North Korean fraud scheme spanning 16 US states
Authorities in the US have busted an alleged fraud scheme which planted remote tech workers in more than 100 American companies to help finance the North Korean regime's weapons programs. The scheme saw North Korean tech workers allegedly use stolen and fake identities to gain remote work at the companies with the help of co-conspirators in the US, China and other countries. In one case, the tech workers stole sensitive information including "export-controlled US military technology", the US Justice Department said. In a second case, they stole about $US900,000 ($1.4 million) in virtual currency from an Atlanta, Georgia-based company, according to court documents. Roman Rozhavsky, assistant director of the FBI's counterintelligence division, said these latest schemes were part of a "massive campaign" by North Korea's regime. "North Korea remains intent on funding its weapons programs by defrauding US companies and exploiting American victims of identity theft," he said. "The FBI will do everything in our power to defend the homeland and protect Americans." The US and United Nations have long used sanctions to isolate the North Korean regime and force it to denuclearise, which has heavily restricted its economy. Australia has imposed autonomous sanctions on North Korea since 2006. The US Justice Department says 29 known or suspected "laptop farms" have been searched across 16 states as part of investigations. Law enforcement has also seized 29 financial accounts used to launder illicit funds, the department said. A New Jersey man was arrested on Monday, local time, for his alleged role in one of the schemes which spanned several years and generated more than $US5 million ($7.6 million) in revenue. Six Chinese nationals and two Taiwanese nationals were also charged in connection to the scheme. According to court documents, the accused stole the identities of more than 80 US citizens to secure work at more than 100 US companies, including Fortune 500 companies. They then caused the victim companies to incur legal fees, computer network repair costs and other damages and losses totalling about $US3 million ($4.6 million). The co-conspirators also created "laptop farms", hosting laptops belonging to US companies in their homes and enabling tech workers to access them remotely. This tricked the companies into believing the IT workers were based in the US. The accused also created shell companies with corresponding websites and financial accounts, to link the tech workers to supposedly legitimate US businesses. They funnelled money from the targeted US companies into these accounts. On Monday, the FBI also seized 17 webpages and 29 financial accounts holding tens of thousands of dollars in funds, which were used to launder revenue for North Korea's regime. In a second case, prosecutors allege four North Korean nationals schemed to steal more than $US900,000 ($1.4 million) in virtual currency from two companies based in Serbia and Atlanta, Georgia. The four North Koreans, who remain at large, then laundered the money through foreign accounts, according to the justice department. "This indictment highlights the unique threat North Korea poses to companies that hire remote IT workers," US Attorney Theodore S Hertzberg for the Northern District of Georgia said. The US Department of State has offered potential rewards of up to $US5 million ($7.6 million) in support of international efforts to disrupt North Korea's "illicit financial activities". This includes cybercrimes, money laundering and sanctions evasion.
UPI
2 days ago
- Business
- UPI
Feds uncover remote tech workers scheme to benefit North Korea
June 30 (UPI) -- The U.S. Department of Justice on Monday announced a crackdown on North Korea using people to pose as tech workers to earn money and steal sensitive information for the regime. In two unsealed charging indictments in Massachusetts and Atlanta, schemes were outlined to trick U.S. companies into hiring people who funneled their paychecks to the government and stole sensitive information and cryptocurrency. The FBI and Justice Department have investigated in 16 states since 2021 with most searches conducted earlier this month. The targeted companies were not announced. U.S. companies were warned to carefully screen their remote employees to avoid falling victim to similar ruses. "The FBI will do everything in our power to defend the homeland and protect Americans from being victimized by the North Korean government," Roman Rozhavsky, assistant director of the FBI's Counterintelligence Division, said in a statement. The phony North Korean workers were assisted by individuals in the United States, China, the United Arab Emirates and Taiwan, DOJ said. They successfully obtained employment with more than 100 U.S. companies, including Fortune 500 ones. "These schemes target and steal from U.S. companies and are designed to evade sanctions and fund the North Korean regime's illicit programs, including its weapons programs," Assistant Attorney General John A. Eisenberg of the Department's National Security Division said. "The Justice Department, along with our law enforcement, private sector, and international partners, will persistently pursue and dismantle these cyber-enabled revenue generation networks." DOJ announced searches of 29 known or suspected "laptop farms" across 16 states, and the seizure of 29 financial accounts used to launder illicit funds and 21 fraudulent websites from October 2024 to June. From June 10-17, the FBI executed searches of 21 premises across 14 states. In total, the FBI seized approximately 137 laptops. "North Korean IT workers defraud American companies and steal the identities of private citizens, all in support of the North Korean regime," Brett Leatherman, assistant director of the FBI's Cyber Division, said. "That is why the FBI and our partners continue to work together to disrupt infrastructure, seize revenue, indict overseas IT workers and arrest their enablers in the United States. Let the actions announced today serve as a warning: if you host laptop farms for the benefit of North Korean actors, law enforcement will be waiting for you." Obtained were salary payments, and in some cases, sensitive employer information such as export-controlled U.S. military technology and virtual currency. In one scheme, they allegedly created front companies and fraudulent websites. They received access to company-provided laptop computers. Obtained were salary payments. U.S. national Zhenxing "Danny" Wang of New Jersey was arrested in a 50-page, five-count indictment in Massachussets. The document details a multi-year fraud scheme by Wang and his co-conspirators to obtain remote IT work with U.S. companies that generated more than $5 million in revenue. Several Chinese and Taiwanese nationals were charged but haven't been arrested. From approximately 2021 until October 2024, the defendants and other co-conspirators compromised the identities of more than 80 U.S. people to obtain remote jobs at more than 100 U.S. companies. They cost the companies at least $3 million for legal fees, computer network remediation costs, and other damages and losses. In another scheme, people used false or fraudulently obtained identities to gain employment with an Atlanta-based blockchain research and development company where they stole virtual currency worth approximately $900,000. The five-count wire fraud and money laundering indictment charged four North Korean nationals. The defendants remain at large and are wanted by the FBI. These remote works were assisted by individuals in the United States, China, United Arab Emirates and Taiwan. The U.S. Department of State has offered potential rewards for up to $5 million to disrupt the North Korean illicit financial activities, including for cybercrimes, money laundering and sanctions evasion.
