Millions of dollars in cryptocurrency, allegedly
earned by North Korean IT workers using stolen U.S. identities, now sit frozen
as part of a sweeping U.S. forfeiture action aimed at dismantling a
sophisticated sanctions-evasion network.
The Department of Justice (DOJ) revealed this latest
seizure reportedly as part of its ongoing efforts to disrupt illicit revenue streams that
fund Pyongyang’s weapons development.
A Digital Trail of Deception
The civil forfeiture complaint, filed in the District
of Columbia, alleges that North Korean nationals posed as remote IT
contractors, working for companies in the United States and elsewhere.
Department Files Civil Forfeiture Complaint Against Over $7.74M Laundered on Behalf of the North Korean Government
🔗: https://t.co/T6nh2ETMYY pic.twitter.com/o23HY6C6Zw
— U.S. Department of Justice (@TheJusticeDept) June 5, 2025
Their goal was reportedly to generate hard-to-trace
crypto income to funnel back to the regime in Pyongyang quietly. By using fake
identities and securing jobs in blockchain
Blockchain
Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned). In this sense, blockchain is immune to the manipulation of data, making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamp
Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned). In this sense, blockchain is immune to the manipulation of data, making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamp
Read this Term development firms, they built up a
digital pipeline worth a million.
The funds, worth over $7.74 million, were initially
frozen during an earlier case involving Sim Hyon Sop, an alleged Foreign Trade
Bank representative working with these IT operatives. U.S. authorities claim Sim coordinated money flows
between the workers and the North Korean government.
Read more: North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry
“This forfeiture action highlights, once again, the
North Korean government’s exploitation of the cryptocurrency ecosystem to fund
its illicit priorities,” said Matthew R. Galeotti, Head of the Justice
Department’s Criminal Division.
“The Department will use every legal tool at its
disposal to safeguard the cryptocurrency ecosystem and deny North Korea its
ill-gotten gains in violation of U.S. sanctions,” he added.
According to the complaint, North Korean workers
employed complex laundering techniques to obscure the funds' origins. These
included using fictitious identities, “chain hopping” between blockchains,
token swaps, and even purchasing NFTs to disguise value transfers.
Once disguised, the cryptocurrency was rerouted
through intermediaries, including Sim and Kim Sang Man, the CEO of Chinyong (a
North Korean IT company linked to the military).
FBI Unmasks North Korea’s Remote Workforce
The FBI, which led the investigation, revealed that
North Korea deployed these operatives in countries including China, Russia, and
Laos.
The workers used U.S.-based laptop farms and VPN
obfuscation to hide their true locations. By assuming the identities of
Americans, they duped U.S. companies into paying them in cryptocurrencies
Cryptocurrencies
By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw
By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw
Read this Term like
USDC and USDT.
In a separate recent report, North Korean hackers reportedly
established seemingly legitimate companies in the US to infiltrate the crypto
sector, targeting unsuspecting developers through fake job offers.
According to a report by the Japanese Times, the attackers used legal registrations, corporate fronts, and social engineering to conceal their true identities behind American business facades and deliver malware until the FBI
stepped in.
The fake firms reportedly formed part of an advanced campaign by a subgroup of the Lazarus Group, a state-sponsored cyber unit linked to North Korea’s Reconnaissance General Bureau.
Millions of dollars in cryptocurrency, allegedly
earned by North Korean IT workers using stolen U.S. identities, now sit frozen
as part of a sweeping U.S. forfeiture action aimed at dismantling a
sophisticated sanctions-evasion network.
The Department of Justice (DOJ) revealed this latest
seizure reportedly as part of its ongoing efforts to disrupt illicit revenue streams that
fund Pyongyang’s weapons development.
A Digital Trail of Deception
The civil forfeiture complaint, filed in the District
of Columbia, alleges that North Korean nationals posed as remote IT
contractors, working for companies in the United States and elsewhere.
Department Files Civil Forfeiture Complaint Against Over $7.74M Laundered on Behalf of the North Korean Government
🔗: https://t.co/T6nh2ETMYY pic.twitter.com/o23HY6C6Zw
— U.S. Department of Justice (@TheJusticeDept) June 5, 2025
Their goal was reportedly to generate hard-to-trace
crypto income to funnel back to the regime in Pyongyang quietly. By using fake
identities and securing jobs in blockchain
Blockchain
Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned). In this sense, blockchain is immune to the manipulation of data, making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamp
Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned). In this sense, blockchain is immune to the manipulation of data, making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamp
Read this Term development firms, they built up a
digital pipeline worth a million.
The funds, worth over $7.74 million, were initially
frozen during an earlier case involving Sim Hyon Sop, an alleged Foreign Trade
Bank representative working with these IT operatives. U.S. authorities claim Sim coordinated money flows
between the workers and the North Korean government.
Read more: North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry
“This forfeiture action highlights, once again, the
North Korean government’s exploitation of the cryptocurrency ecosystem to fund
its illicit priorities,” said Matthew R. Galeotti, Head of the Justice
Department’s Criminal Division.
“The Department will use every legal tool at its
disposal to safeguard the cryptocurrency ecosystem and deny North Korea its
ill-gotten gains in violation of U.S. sanctions,” he added.
According to the complaint, North Korean workers
employed complex laundering techniques to obscure the funds' origins. These
included using fictitious identities, “chain hopping” between blockchains,
token swaps, and even purchasing NFTs to disguise value transfers.
Once disguised, the cryptocurrency was rerouted
through intermediaries, including Sim and Kim Sang Man, the CEO of Chinyong (a
North Korean IT company linked to the military).
FBI Unmasks North Korea’s Remote Workforce
The FBI, which led the investigation, revealed that
North Korea deployed these operatives in countries including China, Russia, and
Laos.
The workers used U.S.-based laptop farms and VPN
obfuscation to hide their true locations. By assuming the identities of
Americans, they duped U.S. companies into paying them in cryptocurrencies
Cryptocurrencies
By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw
By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw
Read this Term like
USDC and USDT.
In a separate recent report, North Korean hackers reportedly
established seemingly legitimate companies in the US to infiltrate the crypto
sector, targeting unsuspecting developers through fake job offers.
According to a report by the Japanese Times, the attackers used legal registrations, corporate fronts, and social engineering to conceal their true identities behind American business facades and deliver malware until the FBI
stepped in.
The fake firms reportedly formed part of an advanced campaign by a subgroup of the Lazarus Group, a state-sponsored cyber unit linked to North Korea’s Reconnaissance General Bureau.
