Four North Korean nationals have been charged in Georgia for wire fraud and money laundering after posing as remote IT workers at US and Serbian blockchain companies and stealing almost $1 million in crypto, prosecutors announced Monday.
According to the US Department of Justice (DOJ), Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju, and Chang Nam Il posed as remote IT developers using fake and stolen identities to conceal their North Korean citizenship.
The group initially operated from the United Arab Emirates in 2019 before securing jobs at an Atlanta-based blockchain startup and a Serbian virtual token company between late 2020 and mid-2021.
Prosecutors said Kim and Jong submitted fraudulent documents, including stolen and fabricated IDs, to secure these positions, a tactic US Attorney Theodore S. Hertzberg called a “unique threat” to businesses hiring remote IT workers.
Related:North Korea targets crypto workers with new info-stealing malware
Four North Koreans steal $915,000 in crypto
Once inside, the defendants used their privileged access to steal substantial sums. In February 2022, Jong siphoned approximately $175,000 in crypto. The following month, Kim exploited the source code of smart contracts to steal an additional $740,000.
The stolen funds were then laundered through mixers and sent to exchange accounts controlled by Kang and Chang, all set up using fraudulent Malaysian IDs, investigators said.
“These schemes target and steal from US companies and are designed to evade sanctions and fund the North Korean regime’s illicit programs, including its weapons programs,” said John A. Eisenberg, assistant attorney general for national security.
The case was part of the DOJ’s DPRK RevGen: Domestic Enabler Initiative, a program launched in 2024 targeting North Korea’s illicit revenue streams and US-based enablers.
Related:North Korean hackers set up 3 shell companies to scam crypto devs
DOJ cracks down on North Korean crypto fraud
In another incident, federal agents also conducted coordinated raids across 16 states, seizing nearly 30 financial accounts, over 20 fraudulent websites, and roughly 200 computers from so-called “laptop farms” that enabled North Korean operatives to appear as though they were working from the US.
FBI and DOJ disrupt North Korean schemes. Source:FBIThe DOJ announced Sunday that the schemes involved North Korean IT workers posing as US citizens using stolen identities to gain jobs at over 100 American companies, funneling millions to Pyongyang and even accessing sensitive military data.
Last month, the DOJ filed a civil forfeiture complaint to seize $7.74 million in crypto allegedly earned by North Korean IT workers posing as remote blockchain contractors using fake identities.
Magazine:North Korea crypto hackers tap ChatGPT, Malaysia road money siphoned: Asia Express
#Bitcoin
#Cryptocurrencies
#Bitcoin Regulation
#Hackers
#United States
#North Korea
#Scams
#Hacks
#Regulation
Add reaction
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
DOJ charges 4 North Koreans in $1M crypto theft from blockchain startup
Four North Korean nationals have been charged in Georgia for wire fraud and money laundering after posing as remote IT workers at US and Serbian blockchain companies and stealing almost $1 million in crypto, prosecutors announced Monday.
According to the US Department of Justice (DOJ), Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju, and Chang Nam Il posed as remote IT developers using fake and stolen identities to conceal their North Korean citizenship.
The group initially operated from the United Arab Emirates in 2019 before securing jobs at an Atlanta-based blockchain startup and a Serbian virtual token company between late 2020 and mid-2021.
Prosecutors said Kim and Jong submitted fraudulent documents, including stolen and fabricated IDs, to secure these positions, a tactic US Attorney Theodore S. Hertzberg called a “unique threat” to businesses hiring remote IT workers.
Related: North Korea targets crypto workers with new info-stealing malware
Four North Koreans steal $915,000 in crypto
Once inside, the defendants used their privileged access to steal substantial sums. In February 2022, Jong siphoned approximately $175,000 in crypto. The following month, Kim exploited the source code of smart contracts to steal an additional $740,000.
The stolen funds were then laundered through mixers and sent to exchange accounts controlled by Kang and Chang, all set up using fraudulent Malaysian IDs, investigators said.
“These schemes target and steal from US companies and are designed to evade sanctions and fund the North Korean regime’s illicit programs, including its weapons programs,” said John A. Eisenberg, assistant attorney general for national security.
The case was part of the DOJ’s DPRK RevGen: Domestic Enabler Initiative, a program launched in 2024 targeting North Korea’s illicit revenue streams and US-based enablers.
Related: North Korean hackers set up 3 shell companies to scam crypto devs
DOJ cracks down on North Korean crypto fraud
In another incident, federal agents also conducted coordinated raids across 16 states, seizing nearly 30 financial accounts, over 20 fraudulent websites, and roughly 200 computers from so-called “laptop farms” that enabled North Korean operatives to appear as though they were working from the US.
Last month, the DOJ filed a civil forfeiture complaint to seize $7.74 million in crypto allegedly earned by North Korean IT workers posing as remote blockchain contractors using fake identities.
Magazine: North Korea crypto hackers tap ChatGPT, Malaysia road money siphoned: Asia Express