US authorities have identified and indicted 14 North Koreans posing as remote IT workers for US firms, who funneled their wages – sometimes with extortions from blackmailing firms – to Pyongyang.

Ashley T. Johnson, an FBI official involved in the investigation, said at a news conference that the scheme involved thousands of IT workers and amounted to $88 million of funding for Pyongyang’s arms programs over multiple years.

The 14 North Koreans indicted face wire fraud, money laundering, identity theft and other charges.

Johnson described the Tuesday indictment as “the tip of the iceberg,” adding that companies hiring remote workers likely encountered applicants working for Pyongyang.

Johnson said the North Korean nationals posed as full-time remote IT workers or freelancers for US firms, sometimes using stolen identities, then worked for the firms and funneled their wages to Pyongyang for its arms programs, as per AP News.

Advertisement

Johnson said the workers also stole sensitive information from the firms, at times extracting payments from them by threatening to leak the information. The BBC reported one such case involving an unnamed Western firm in October.

While the North Korean IT workers have likely conducted genuine work for the companies who hired them, there have been known cases in which some installed malware on workstations soon after employment, prompting concerns that the scheme is also connected to Pyongyang’s global hacking campaign.

North Korean Troops Suffer Heavy Losses in Kursk Assaults, Replacements Needed - HUR
Other Topics of Interest

North Korean Troops Suffer Heavy Losses in Kursk Assaults, Replacements Needed - HUR

Units of the DPRK army suffered significant losses during weekend operations, with at least 30 soldiers killed or wounded, according to Ukrainian intelligence sources.

In July, a grand jury in Kansas charged a North Korean hacker affiliated with Pyongyang for a ransomware attack against healthcare institutions.

Johnson said the North Korean workers also paid Americans to use their home Wi-Fi connections or to pose in on-camera job interviews as the IT workers, adding that the FBI would also pursue these “domestic enablers.”

Johnson said those indicted are located in North Korea, rendering their arrests difficult. The US  Department of State is offering a $5 million bounty for information that could aid their arrests.

Advertisement

The indictment is the first that resulted from an investigation announced in October last year, where the FBI in St. Louis announced the seizure of $1.5 million and 17 domain names in connection to Pyongyang’s scheme.

To suggest a correction or clarification, write to us here
You can also highlight the text and press Ctrl + Enter