The U.S. Treasury Department has sanctioned a network of individuals and front companies linked to North Korea’s Ministry of National Defense that have generated revenue via illegal remote IT work schemes.
“The DPRK continues to rely on its thousands of overseas IT workers to generate revenue for the regime, to finance its illegal weapons programs, and to enable its support of Russia’s war in Ukraine,” said Acting Under Secretary of the Treasury Bradley T. Smith.
“The United States remains resolved to disrupt these networks, wherever they operate, that facilitate the regime’s destabilizing activities.”
Today, the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned North Korean front companies Korea Osong Shipping Co (Osong) and Chonsurim Trading Corporation (Chonsurim), as well as their presidents Jong In Chol and Son Kyong Sik.
OFAC also sanctioned Liaoning China Trade, a Chinese company that has supplied Department 53 of the Ministry of National Defense, a weapons-trading entity that also generates revenue using IT and software development front companies, with electronics equipment, including notebook and desktop computers.
Due to these sanctions, U.S. organizations and citizens are prohibited from conducting transactions with sanctioned individuals and companies. Furthermore, all assets linked to them in the U.S. will be frozen, while U.S. financial institutions and foreign entities involved in transactions with them may also face penalties.
The State Department also offers up to $5 million for tips that could help disrupt the activities of two other North Korean front companies, Yanbian Silverstar and Volasys Silverstar (and their employees). Over the last six years, these companies have generated over $88 million in illegal remote IT work schemes.
North Korea’s “IT warriors”
The North Korean IT workers, who refer to themselves as “IT warriors,” impersonate U.S.-based IT staff by connecting to enterprise networks using U.S.-based laptop farms, something that the FBI has warned for years.
Circumventing U.S. and UN sanctions, North Korea sends thousands of IT professionals abroad to generate revenue. The workers hide their real identities to fraudulently secure freelance IT contracts worldwide.
However, the North Korean government keeps up to 90% of their wages, generating hundreds of millions yearly to fund its weapons programs, including mass destruction and ballistic missiles.
As the FBI repeatedly cautioned over the years, North Korea maintains a large army of IT workers trained to conceal their true identities to secure employment at hundreds of companies in the United States and worldwide.
After being found and fired, some North Korean IT workers have also used insider knowledge to extort their former employers, threatening to leak stolen sensitive information online.