Latest news with #Zhenxing'Danny'Wang
Time of India
a day ago
- Business
- Time of India
US cracks down on North Korean-backed fraud ring that netted millions in crypto and cash
The US government announced a big crackdown on an international fraud ring linked to North Korea, involving North Korean IT workers and other conspirators. More than a dozen people were named in two new indictments, including a man from New Jersey called Zhenxing 'Danny' Wang. The fraud ring made over $5 million illegally and took hundreds of thousands in fees from US conspirators. Four North Korean nationals were charged for stealing nearly $1 million in cryptocurrency in a separate indictment, as per reports. Authorities searched 29 'laptop farms', places where laptops were used for the scam, in 16 US states and seized 29 financial accounts used to launder money and crypto. The scheme involved stealing identities of over 80 Americans and getting fake remote jobs at more than 100 companies, including many big Fortune 500 firms, as per the report by Fortune. North Korean IT workers traveled to the United Arab Emirates, used stolen IDs to pose as remote workers, got jobs at American companies, and stole digital currency to help fund North Korea's nuclear weapons program. The fraud evolved from using fake IDs to creating American front companies that helped hide the North Korean workers' true identity and made the scheme look real. These front companies received laptops sent by US companies for remote workers. The laptops were hosted at 'laptop farms' to let North Korean workers access them remotely, as per the report by Fortune. Live Events The stolen money was sent to North Korea's leadership to support their weapons and missile programs. FBI Assistant Director Roman Rozhavsky said North Korea uses fraud and identity theft to fund its weapons programs, but the FBI is working hard to stop them. Thousands of trained North Korean IT workers are spread worldwide, tricking companies into hiring them remotely to steal money and gather intelligence. The UN estimates this scheme earns North Korea between $200 million and $600 million yearly, not counting crypto theft which could be billions, as mentioned by Fortune report. Fake companies, real damage US Attorney Theodore Hertzberg said these charges warn the public about dangers from state-sponsored cybercriminals and urged companies to carefully check remote workers. Hertzberg advised companies to hire Americans and verify employees thoroughly, preferably in person, especially in the virtual currency space. Zhenxing 'Danny' Wang founded a fake software company called Independent Lab. Laptops were sent to him at his home where he installed remote software for North Korean workers overseas to use. Wang collected payment from US companies and sent the money to overseas conspirators. ALSO READ: Lady Gaga a no-show at Jeff Bezos wedding after reported clash over multi-million dollar fee Other accomplices included people in New York, California, and even an active-duty US military member, hosting laptop farms for money. The fraud caused at least four big companies to lose $100,000 or more each. The fraud also involved a California defense contractor from which sensitive military tech documents were stolen, as per the Fortune report. The fraud affected companies in many states across the US, including California, Massachusetts, New York, New Jersey, Florida, Georgia, and more. Security expert Michael Barnhart said the arrests show North Korean IT workers don't just steal money but can also harm national security by accessing trusted company networks. Barnhart warned companies to rethink hiring processes to avoid such threats. Assistant Attorney General John Eisenberg said the Justice Department will keep fighting these cyber-enabled networks to stop North Korea's illicit programs. The second indictment described four North Korean IT workers who used fake IDs to get jobs at US companies in Atlanta and stole nearly $1 million in crypto, according to the report by Fortune. Stolen crypto and cover-up tricks They laundered the stolen crypto to hide its origin before sending it to North Korea. One worker, Kim Kwang Jim, used a fake Portuguese ID to get hired and then stole millions of crypto tokens by changing the company's smart contract code. Kim tried to excuse the theft by blaming a 'github refactor' but was accused via Telegram messages by the company founder. Another worker, Jong Pong Ju, used the fake name 'Bryan Cho' to get hired and stole crypto worth about $175,000. Jong helped hire another fake employee called 'Peter Xiao,' who was really another defendant, as stated by Fortune report. Jong sent a video using a fake Malaysian driver's license to prove his fake identity to the company and gained more access. After stealing crypto, Jong said he 'accidentally dropped the private key' in a public file on Github, as a cover story. The stolen crypto was laundered using a crypto mixer called Tornado Cash, which hides the money's trail. Kang Tae Bok, another defendant, opened accounts with fake IDs to receive the mixed crypto funds. The FBI will soon release a new 'Wanted' poster for these defendants. Tornado Cash and Wang did not respond to requests for comments, as per the Fortune report. US Attorney Hertzberg said the case shows the danger North Korea poses by using fake remote workers and that the US will prosecute anyone stealing from American companies. FAQs Q1. How did North Korean hackers steal millions from US companies? They used fake identities and front companies to get remote jobs and stole money and cryptocurrency. Q2. What is the US doing to stop North Korean fraud schemes? The US government is arresting suspects, shutting down fake companies, and warning businesses to check remote workers carefully. Economic Times WhatsApp channel )
Korea Herald
a day ago
- Korea Herald
N. Korean IT workers fraudulently landed jobs at over 100 US firms: DOJ
North Korean tech workers stole the identities of more than 80 US citizens to illegally obtain remote jobs at over 100 American companies — including many Fortune 500 firms — and stole sensitive information such as US military technology, according to the US Justice Department. The department said Monday that the orchestrated operation was part of a broader effort by the Kim Jong-un regime to funnel illicit revenue through fake employment, with help from enablers in the US, China, the United Arab Emirates and Taiwan. The Justice Department disclosed two indictments along with the outcome of sweeping investigations: the arrest of US national Zhenxing 'Danny' Wang of New Jersey and searches of 29 known or suspected 'laptop farms' across 16 US states. Laptop farms are physical locations where multiple devices are maintained and operated to create the illusion that remote workers are based in a specific geographic location. The department said investigators also seized 29 financial accounts holding tens of thousands of dollars, which were used to launder revenue for the North Korean regime through the remote information technology work scheme. According to one indictment, North Korean IT workers and overseas co-conspirator facilitators based in New Jersey, New York, California and abroad perpetrated a coordinated multiyear fraud scheme that generated over $5 million by obtaining remote IT jobs at US companies. "While some North Korean IT workers operate from cities inside North Korea, many work in China in cities near the North Korean border, including Dandong and Shenyang," the indictment read. "The conspiracy perpetuated a massive fraud that impacts US companies in multiple industries across much of the United States, including Massachusetts, California, New York, New Jersey, Florida, New Mexico, Georgia, Maryland, Alabama, North Carolina, Illinois, Ohio, South Carolina, Michigan, Texas, Indiana, Arkansas, Missouri, Tennessee, Minnesota, Rhode Island, Wisconsin, Oregon, Pennsylvania, Washington, Utah, Colorado and the District of Columbia," the indictment added. From around 2021 to October 2024, North Korean IT workers and their co-conspirators compromised the identities of more than 80 US citizens to obtain remote jobs at over 100 companies, including many Fortune 500 firms. Their actions caused the related companies to incur at least $3 million in legal fees, network remediation costs and other damages. Once hired, North Korean IT workers received regular salaries and, in some cases, accessed or stole sensitive company information, including export-controlled US military technology. For instance, North Korean IT workers employed under the illegal scheme also gained access to sensitive employer data and source code, including US military technology, from a California-based defense contractor that develops artificial intelligence-powered equipment and technologies. According to the indictment, a North Korean worker remotely accessed the company's laptop and computer files without authorization between Jan. 19 and April 2, 2024. The sensitive documents and files — many of which related to US military technology controlled under the US State Department's International Traffic in Arms Regulations — were compromised. Another indictment revealed that North Korean IT workers used false or fraudulently obtained identities to seek employment with a blockchain research and development company in Atlanta and a virtual token company based in Serbia. Four North Korean nationals — Kim Kwang-jin, Kang Tae-bok, Jong Pong-ju and Chang Nam-il — were charged with stealing virtual currency worth over $900,000 from the two companies and laundering the proceeds. According to the indictment, the defendants, who are still at large and wanted by the FBI, traveled to the United Arab Emirates using North Korean travel passports and worked as a co-located team. 'The threat posed by DPRK operatives is both real and immediate,' Leah Foley, US attorney for the District of Massachusetts, said Monday, referring to North Korea by the acronym of its official name. "Thousands of North Korean cyber operatives have been trained and deployed by the regime to blend into the global digital workforce and systematically target US companies."
Straits Times
2 days ago
- Business
- Straits Times
US charges North Koreans in plot to defraud more than 100 firms
The North Koreans used stolen identities to gain employment with US companies, according to the indictments. PHOTO: UNSPLASH US charges North Koreans in plot to defraud more than 100 firms WASHINGTON – The US Justice Department announced one arrest and charges against nine more people in connection with an alleged scheme in which North Koreans posed as American tech workers to gain lucrative jobs and fund the country's government. The North Koreans used stolen identities to gain employment with multiple American companies, according to the indictments. They were allegedly helped by people in the US, China, United Arab Emirates and Taiwan, who created fake companies and fraudulent websites to enable the illicit activity, US officials said. Zhenxing 'Danny' Wang, a US citizen from New Jersey, was arrested for his alleged role in a multiyear fraud operation to obtain remote IT work that gained more than US$5 million (S$6.4 million) in revenue, according to the indictment. Wang, along with fellow defendants from China and Taiwan, also allegedly created shell companies, fake websites and financial accounts in order to help overseas IT workers appear to be affiliated with legitimate American businesses. An attorney for Wang couldn't immediately be located for comment. Four North Korean nationals who used fake identities to pose as remote tech workers were also charged with allegedly stealing more than US$900,000 in virtual currency from two companies. After gaining their employers' trust, the North Koreans gained access to their virtual assets, stole the money and then laundered it using a cryptocurrency mixer called Tornado Cash, according to the Justice Department. 'North Korean IT workers defraud American companies and steal the identities of private citizens, all in support of the North Korean regime,' said FBI Assistant Director Brett Leatherman. The US searched 29 known or suspected laptop farms and seized more than 200 devices that the fake IT workers used to earn income, according to the Justice Department. The authorities also seized 21 websites. The fraudsters compromised more than 80 Americans' identities in order to get jobs at more than 100 US companies, including 'many' Fortune 500 companies, according to the Justice Department, which didn't identify the companies. Victim companies lost more than US$3 million due to legal fees and computer network remediation costs, the authorities said. The fake tech workers gained access to sensitive company information and source code, law enforcement officials said, including International Traffic in Arms Regulations, or Itar, data from a California-based defence contractor that develops 'artificial intelligence-powered' technologies. Itar rules are designed to protect US national security secrets. Thousands of North Korean workers have spent the last several years posing as nationals from other countries while infiltrating companies in the US and around the world in lucrative technical jobs, according to the US government. Such schemes are meant to help the North Korean government gather intelligence and generate money for the country's military, while some IT workers also build their own personal wealth, according to US officials and security experts. North Korean IT workers increasingly are working to infiltrate European firms by posing as remote freelancers, Google's Threat Intelligence Group said in April. One such worker operating at least 12 personas sought employment with several organisations in the defense and government sectors, providing fake references, according to the report. A federal court in Missouri indicted 14 North Korean nationals in December, accusing them of involvement in an IT employment operation that generated US$88 million over six years. The US has also sanctioned numerous organisations that have allegedly helped fuel the North Korean efforts. BLOOMBERG Join ST's Telegram channel and get the latest breaking news delivered to you.
