The US Department of Justice has charged four North Korean citizens suspected of a large-scale cryptocurrency theft. The perpetrators, using forged documents, posed as American IT specialists working remotely and managed to gain the trust of employers in the US and Serbia.
This is reported by Finway
Fraud Scheme and Identification of Criminals
According to the agency, the suspects include Kim Kwan Jin, Kang Tae Bok, Jong Pong Ju, and Chang Nam Il. All of them used both forged and stolen personal data to create a convincing story for employers. According to the Department of Justice, in 2019 these individuals arrived in the UAE with North Korean passports, where they worked for some time. Between 2020 and 2021, two of them, Kim Kwan Jin and Jong Pong Ju, were employed remotely by companies in the US and Serbia. Later, Chang Nam Il joined them, introducing himself as Peter Xiao.
After the fraudsters earned the trust of their employers, they gained access to the companies’ cryptocurrency assets. In February and March 2022, the criminals stole a total of $915,000 in cryptocurrencies. To mask the origin of the funds, cryptocurrency mixers were used, and the money was withdrawn to accounts registered under shell companies with Malaysian documents, controlled by Kang Tae Bok and Chang Nam Il.
“The police arrested 29 financial accounts and seized over 200 computers. It is known that North Korean hackers infiltrated more than 100 American companies and even gained access to military information.”
Large-Scale Operation Against Cyber Fraud
The case is being investigated by agents of the Federal Bureau of Investigation. The Department of Justice also conducted a large-scale operation across 16 states, resulting in the uncovering of 29 so-called “laptop farms.” Through these schemes, North Korean hackers created the illusion of legitimate work from the US and gained access to American companies and even sensitive military information.
As part of the special operation, law enforcement blocked 29 financial accounts and seized over 200 computers. Previously, experts from the Google Threat Intelligence Group had reported an increase in cases of North Korean hackers using shell companies to attack firms, particularly in Europe. Specialists emphasize the heightened activity of such criminal groups amid increased scrutiny from American law enforcement agencies.