The United States Department of Justice (DOJ) has revealed coordinated enforcement actions against an alleged North Korean operation designed to infiltrate US companies and steal crypto assets.
According to the DOJ, North Korean nationals posed as US citizens to gain remote IT jobs, steal sensitive company data, and launder cryptocurrency earnings, generating funds believed to support the sanctioned regime’s state programs.
Identity Theft, Crypto Laundering, and Global Facilitation
In a statement released Monday, the DOJ announced it had filed two indictments, made one arrest, conducted searches across 16 states, and seized 29 financial accounts linked to illicit funds.
Authorities say the scheme involved the use of stolen identities from over 80 Americans to fraudulently obtain work-from-home jobs at more than 100 companies, including several Fortune 500 firms.
These roles enabled the perpetrators to receive regular salaries and gain access to sensitive corporate information, causing at least $3 million in damage through legal, cybersecurity, and operational costs.
One federal indictment in Georgia outlined how four North Korean nationals allegedly stole over $900,000 in cryptocurrency from two US firms.
The stolen assets were funneled through mixing services like Tornado Cash, which obfuscate transaction trails, before being withdrawn via accounts created with falsified Malaysian documentation. Court documents revealed these funds were used to bypass US sanctions and financially support North Korea’s regime.
The operation reportedly involved assistance from individuals based in the United States, China, the United Arab Emirates, and Taiwan. These collaborators allegedly helped North Korean operatives create front companies and fraudulent websites to support their remote job applications.
Authorities say they also hosted “laptop farms” where North Korean workers could access US employer-provided systems remotely. Assistant Attorney General John A. Eisenberg of the DOJ’s National Security Division stated:
These schemes target and steal from US companies and are designed to evade sanctions and fund the North Korean regime’s illicit programs, including its weapons programs.
Law Enforcement Urges Companies to Remain Vigilant
Federal agencies emphasized the national security implications of such schemes. FBI Cyber Division Assistant Director Brett Leatherman. noted:
North Korean IT workers defraud American companies and steal the identities of private citizens, all in support of the North Korean regime.
He warned that operators of laptop farms should expect scrutiny and enforcement. According to the FBI, this campaign represents an organized effort to funnel potentially hundreds of millions of dollars into the North Korean economy, directly threatening US businesses and citizens.
Assistant Director Roman Rozhavsky of the FBI’s Counterintelligence Division further highlighted that the effort was not merely criminal but geopolitical, stating:
North Korea remains intent on funding its weapons programs by defrauding US companies and exploiting American victims of identity theft.
Meanwhile, the FBI is calling on companies to increase due diligence when hiring remote IT personnel, especially amid the rise of decentralized digital workforces.
Featured image created with DALL-E, Chart from TradingView
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments