In a move to combat illicit revenue generation for North Korea’s weapons programs, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on a network of individuals and entities involved in a widespread fraudulent IT worker scheme. The sanctions target a Russian national, a North Korean consular official, and two companies—one based in China and another in North Korea—for their roles in a sophisticated operation that uses fraudulent identities to place North Korean IT workers in remote jobs worldwide.
This operation is a key source of funding for North Korea’s weapons of mass destruction (WMD) and ballistic missile programs, which are in violation of multiple U.S. and United Nations sanctions. The scheme involves highly skilled IT workers who, posing as legitimate professionals, secure high-paying jobs in the U.S. and other countries. The majority of the wages they earn, which can amount to hundreds of millions of dollars, are seized by the North Korean regime to finance its military ambitions. In some cases, these workers have also been found to introduce malware into company networks to steal data and demand ransoms.
The newly sanctioned individuals and entities are:
- Vitaliy Sergeyevich Andreyev, a Russian national who facilitated financial transfers, converting over
$600,000in cryptocurrency into U.S. dollars on behalf of a sanctioned North Korean IT company. - Kim Ung Sun, a North Korean economic and trade consular official based in Russia, who collaborated with Andreyev on the money laundering.
- Shenyang Geumpungri Network Technology Co., Ltd., a Chinese front company that manages a group of North Korean IT workers and has generated over
$1million in profits. - Korea Sinjin Trading Corporation, a North Korean state-affiliated trading company subordinate to the Ministry of People’s Armed Forces General Political Bureau.
Under Secretary of the Treasury for Terrorism and Financial Intelligence, John K. Hurley, stated that the U.S. remains committed to protecting American businesses from these schemes. The sanctions block all property and interests in property of the designated individuals and entities that are in the United States or in the possession of U.S. persons.
This latest action builds on previous U.S. efforts to disrupt these networks, with recent crackdowns including the seizure of $7.74 million in cryptocurrency by the Justice Department. The move also follows a joint statement by the U.S., Japan, and the Republic of Korea to enhance cooperation and information sharing to counter the threat posed by these schemes, underscoring a united front against North Korea’s illicit activities.
