Other accomplices included people in New York, California, and even an active-duty US military member, hosting laptop farms for money. The fraud caused at least four big companies to lose $100,000 or more each. The fraud also involved a California defense contractor from which sensitive military tech documents were stolen, as per the Fortune report.
The fraud affected companies in many states across the US, including California, Massachusetts, New York, New Jersey, Florida, Georgia, and more. Security expert Michael Barnhart said the arrests show North Korean IT workers don’t just steal money but can also harm national security by accessing trusted company networks.
Barnhart warned companies to rethink hiring processes to avoid such threats. Assistant Attorney General John Eisenberg said the Justice Department will keep fighting these cyber-enabled networks to stop North Korea’s illicit programs. The second indictment described four North Korean IT workers who used fake IDs to get jobs at US companies in Atlanta and stole nearly $1 million in crypto, according to the report by Fortune.
They laundered the stolen crypto to hide its origin before sending it to North Korea. One worker, Kim Kwang Jim, used a fake Portuguese ID to get hired and then stole millions of crypto tokens by changing the company’s smart contract code.
Kim tried to excuse the theft by blaming a “github refactor” but was accused via Telegram messages by the company founder. Another worker, Jong Pong Ju, used the fake name “Bryan Cho” to get hired and stole crypto worth about $175,000. Jong helped hire another fake employee called “Peter Xiao,” who was really another defendant, as stated by Fortune report.
Jong sent a video using a fake Malaysian driver’s license to prove his fake identity to the company and gained more access. After stealing crypto, Jong said he “accidentally dropped the private key” in a public file on Github, as a cover story. The stolen crypto was laundered using a crypto mixer called Tornado Cash, which hides the money’s trail.
Kang Tae Bok, another defendant, opened accounts with fake IDs to receive the mixed crypto funds. The FBI will soon release a new “Wanted” poster for these defendants. Tornado Cash and Wang did not respond to requests for comments, as per the Fortune report.
US Attorney Hertzberg said the case shows the danger North Korea poses by using fake remote workers and that the US will prosecute anyone stealing from American companies.
They used fake identities and front companies to get remote jobs and stole money and cryptocurrency.
The US government is arresting suspects, shutting down fake companies, and warning businesses to check remote workers carefully.
