- Trending
- Comments
- Latest
The U.S. Department of Justice (DOJ) has charged four North Korean crypto fraud suspects for allegedly stealing nearly $1 million in cryptocurrency from blockchain startups while posing as remote IT workers.
The North Korean suspects, identified as Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju, and Chang Nam Il, used fake identities to secure jobs at companies in the U.S. and Serbia before executing sophisticated thefts.
The case highlights Pyongyang’s ongoing reliance on cybercrime to bypass international sanctions and finance its weapons programs.
According to prosecutors, the North Korean crypto fraud suspects first set up operations in the United Arab Emirates in 2019 before infiltrating an Atlanta-based blockchain startup and a Serbian crypto firm between late 2020 and mid-2021.
To conceal their origins, they submitted falsified documents, including stolen and fabricated IDs. U.S. Attorney Theodore S. Hertzberg described the tactic as a “unique threat” to businesses hiring remote workers, emphasizing how difficult it is to verify identities in decentralized industries.
According to the US Department of Justice, once inside the companies, the suspects exploited their access to siphon funds. In February 2022, Jong allegedly stole $175,000 in crypto, while Kim manipulated smart contract source code to steal an additional $740,000 the following month.
The DOJ revealed that the North Korean crypto fraud suspects laundered the stolen funds through cryptocurrency mixers before transferring them to exchange accounts controlled by Kang and Chang. These accounts were registered using fraudulent Malaysian identities, further obscuring the money trail.
John A. Eisenberg, assistant attorney general for national security, stated that these schemes “target and steal from U.S. companies” while directly supporting North Korea’s sanctioned weapons programs.
This case is part of the DOJ’s DPRK RevGen: Domestic Enabler Initiative, launched in 2024 to disrupt Pyongyang’s revenue streams and penalize U.S.-based facilitators.
In a related operation, federal agents raided locations across 16 states, seizing nearly 30 financial accounts, over 20 fraudulent websites, and around 200 computers from “laptop farms.” These setups allowed North Korean crypto fraud suspects and other operatives to appear as if they were working from within the U.S.
Investigators found that North Korean IT workers had infiltrated more than 100 American companies, funneling millions back to the regime—and in some cases, even accessing sensitive military data.
Last month, the DOJ also moved to seize $7.74 million in cryptocurrency linked to similar schemes involving fake blockchain contractors.
The charges against the North Korean crypto fraud suspects underscore the growing risks of hiring remote workers without rigorous identity checks. Blockchain startups, in particular, remain prime targets due to their reliance on decentralized teams and digital payments.
Experts warn that Pyongyang’s cybercrime operations are becoming more sophisticated, leveraging stolen identities and fake profiles to evade detection. The DOJ’s aggressive actions signal a broader effort to clamp down on these illicit financing networks.
As the investigation continues, businesses are urged to implement stricter verification processes to avoid unwittingly employing North Korean crypto fraud suspects or other malicious actors.
Copyright © 2025 - The Bit Gazette.
