North Korean nationals steal $1M in crypto via remote jobs at blockchain firms

The US Department of Justice has charged four North Korean nationals who posed as IT workers at blockchain startups to siphon roughly $1 million in cryptocurrencies using insider access. Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju, and Chang Nam Il were indicted on charges of wire fraud and money laundering for infiltrating blockchain firms and stealing cryptocurrency, a recent press release from the DOJ noted. The four North Korean nationals, operating under false identities, were able to secure remote employment at blockchain companies in the U.S. and Serbia, gaining privileged access to digital assets, which they later exploited for illicit financial gain. Roughly $1 million stolen According to authorities, between 2020 and 2022, Kim and Jong posed as remote IT developers for an Atlanta-based blockchain startup and a Serbian token company. To conceal their North Korean nationality, they submitted fabricated and stolen identification documents, including documents bearing the identities of real individuals. Prosecutors said the fraudulent materials enabled them to bypass background checks and gain the trust of their employers. Once embedded within these firms, the defendants gained access to sensitive infrastructure and cryptocurrency assets. In February 2022, Jong reportedly siphoned off $175,000 in crypto from his employer’s systems. The following month, Kim allegedly modified the smart contract source code to steal approximately $740,000. The stolen funds were then funnelled through mixing services and transferred to exchange accounts held by Kang and Chang, who operated under Malaysian aliases and used fraudulent identity documents to open those accounts. The start of the multi-year campaign can be traced back to 2019 when the group relocated to the United Arab Emirates to coordinate operations. By late 2020, Kim Kwang Jin used the stolen identity of a US citizen, referred to as P.S., to get hired as a remote developer at a blockchain firm based in Atlanta. Around the same time, Jong Pong Ju, using the alias “Bryan Cho,” secured a similar role at a Serbian token company. After gaining the company’s trust, Jong recommended a new candidate, “Peter Xiao,” for another developer role. The company accepted the referral and hired him, unaware that “Peter Xiao” was actually Chang Nam Il, another North Korean operative. This step-by-step recruitment allowed multiple members of the group to embed themselves within the target companies, increasing their access and control over internal systems. DOJ officials said the charges are part of the department’s broader DPRK RevGen: Domestic Enabler Initiative, launched in 2024 to disrupt North Korea’s revenue-generating cyber operations and target those aiding them within the US Federal agents also conducted related operations in recent months, including raids across 16 states that resulted in the seizure of nearly 30 financial accounts, 200 computers, and over 20 fraudulent websites tied to DPRK-linked IT workers. Authorities said these so-called “laptop farms” helped North Korean operatives appear to be working from US locations, further legitimizing their employment profiles. North Korean hackers are a major threat to crypto North Korean hackers have been responsible for stealing over $3 billion in cryptocurrency in recent years, according to estimates from US federal agencies and independent cybersecurity researchers. Earlier this year, the US, Japan, and South Korea released a joint statement urging blockchain firms to review hiring practices and monitor for social engineering tactics used by North Korean actors. Despite ongoing sanctions, North Korea has continued to exploit the remote work ecosystem to bypass financial restrictions and channel funds into weapons development. The US Treasury has estimated that DPRK IT workers collectively generate hundreds of millions of dollars each year, with up to 90% of wages seized by the regime. The post North Korean nationals steal $1M in crypto via remote jobs at blockchain firms appeared first on Invezz

Source: Invezz