The Justice Department on Monday unveiled criminal charges related to a scheme by North Korea, which sought to finance its weapons program through the employment of IT workers whose salaries were paid by unsuspecting U.S. companies. This announcement follows a broad investigation that resulted in the seizure of digital accounts, websites, and laptops connected to fraudulent activities.
This operation includes cases out of Georgia and Massachusetts, marking the latest efforts by the Justice Department to tackle a recurring threat which officials claim not only generates substantial revenue for the North Korean regime but also potentially provides access to sensitive data from American firms. According to the authorities, the ruse involved thousands of workers dispatched by the North Korean government, posing with fraudulent or stolen identities, as remote IT employees for American businesses, including some in the Fortune 500 ranks. These companies were misled into imagining that their workers were based within the U.S., though many of them were actually in North Korea or China. The salaries paid to these employees were funneled into accounts tied to North Korea.
Assistant Attorney General John Eisenberg, leading the Justice Department’s National Security Division, emphasized that these schemes are crafted to exploit and steal from American businesses while skirting sanctions, funding North Korea’s illicit activities, such as its weapons programs.
A particular case emerging from federal court in Massachusetts exposed the arrest of a U.S. national, along with charges against numerous Chinese and Taiwanese individuals. These accusations involve an intricate fraud that allegedly amassed millions of dollars and impacted numerous companies. Legal documents suggest that the scheme included the creation of financial accounts to collect revenues and the establishment of shell companies and deceptive websites, allowing the workers to appear as part of legitimate enterprises. Facilitators located in the U.S. played a role in enabling remote computer access, duping corporations into believing that the workers were logging in from American soil.
The Justice Department declined to disclose which companies were defrauded, but noted that some bogus workers managed to access and steal data relevant to sensitive military technology. Meanwhile, the case in Georgia involves charges against four North Korean IT workers accused of pilfering virtual currency worth hundreds of thousands from their employers; these defendants remain at large.
Similar prosecutions have been pursued by the Justice Department in recent years, alongside initiatives designed to counter and disrupt these threats effectively.