U.S. Treasury Sanctions North Korean IT Worker Network Funding Weapons Programs

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russian national Vitaliy Sergeyevich Andreyev, DPRK official Kim Ung Sun, Chinese entity Shenyang Geumpungri Network Technology Co., Ltd., and DPRK-based Korea Sinjin Trading Corporation for their involvement in a sophisticated fraudulent scheme involving information technology workers orchestrated by the Democratic People’s Republic of Korea (DPRK) government.

This action targets a network that exploits overseas IT labor to generate revenue for the DPRK’s prohibited weapons of mass destruction (WMD) and ballistic missile programs, in direct violation of U.S. and United Nations sanctions regimes.

Under Secretary of the Treasury for Terrorism and Financial Intelligence John K. Hurley emphasized that the DPRK regime persistently targets U.S. businesses through these fraud operations, where IT workers engage in data theft and ransomware demands.

Under the Trump administration, the Treasury remains committed to safeguarding American interests by disrupting these schemes and enforcing accountability through targeted financial measures.

DPRK’s IT Workforce as a Revenue Engine

This designation builds upon prior OFAC actions, including the earlier sanctioning of Chinyong Information Technology Cooperation Company, expanding the scope to encompass affiliated entities within its operational network.

It also addresses the network’s utilization of cryptocurrency for sanctions evasion, aligning with recent enforcement efforts such as those announced on July 8 and July 24.

These measures form part of a broader whole-of-government strategy to counteract the DPRK’s multifaceted revenue-generation tactics, coordinated with international partners.

In parallel, the U.S. Department of State, alongside the foreign ministries of Japan and the Republic of Korea, issued a joint statement highlighting the cybersecurity and economic threats posed by DPRK IT operatives.

The DPRK leverages its dispersed IT workforce to circumvent international sanctions, funneling earnings from fraudulent employment into its military programs.

These workers often employ falsified identities, pilfered personal data, and fabricated personas to infiltrate legitimate enterprises in the U.S. and allied nations.

The regime appropriates the bulk of wages earned abroad, amassing hundreds of millions in illicit funds to support WMD and ballistic missile development.

In certain instances, these operatives embed malware within corporate networks to exfiltrate proprietary data, enabling extortion or intelligence gathering.

Technical advisories, such as the January 23, 2025 Federal Bureau of Investigation Public Service Announcement on North Korean IT Workers Conducting Data Extortion, detail the methodologies employed, including identity obfuscation and network infiltration tactics.

Further guidance appears in the May 16, 2022 IT Worker Advisory from the Departments of State, Treasury, and Justice, outlining protective measures for private sector networks against such cyber-enabled financial crimes.

Targeted Network

OFAC’s latest designations focus on an interconnected IT worker ecosystem comprising a DPRK trading firm, a Chinese shell company, and key facilitators who provide material support to generate regime revenue.

Vitaliy Sergeyevich Andreyev, a Russian facilitator, has enabled financial transactions for the U.S.-designated Chinyong Information Technology Cooperation Company, an entity linked to the DPRK’s Ministry of Defense that deploys IT delegations in Russia and Laos.

Since December 2024, Andreyev has collaborated with Kim Ung Sun, a DPRK consular official in Russia, to convert cryptocurrency holdings into approximately $600,000 in U.S. dollar cash equivalents.

Andreyev faces designation under Executive Order 13687 for materially assisting Chinyong, while Kim Ung Sun is sanctioned for acting on behalf of the DPRK government.

Shenyang Geumpungri Network Technology Co., Ltd. operates as a front for Chinyong, hosting a cadre of DPRK IT workers that has generated over $1 million in profits since 2021, benefiting both Chinyong and Korea Sinjin Trading Corporation.

The latter, subordinate to the sanctioned DPRK Ministry of People’s Armed Forces General Political Bureau, receives directives from regime officials on international IT deployments.

Shenyang Geumpungri is designated under E.O. 13687 for being controlled by Chinyong, and Sinjin for its direct ties to the DPRK government.

These sanctions block all U.S.-based property and interests of the designated parties, extending to entities owned 50 percent or more by them, prohibiting transactions without OFAC authorization.

Violations may incur strict liability civil penalties or criminal prosecution, as outlined in OFAC’s Economic Sanctions Enforcement Guidelines.

Financial institutions engaging with these blocked persons risk secondary sanctions, including restrictions on U.S. correspondent or payable-through accounts for knowingly facilitating significant transactions.

This framework underscores the U.S. commitment to disrupting DPRK’s cyber-facilitated evasion tactics, protecting global financial systems from exploitation in support of prohibited proliferation activities.

About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.