U.S. Sanctions 10 North Korean Entities for Laundering $12.7 Million Through Crypto and IT Fraud

The United States government has announced new sanctions against ten North Korean individuals and companies accused of laundering about $12.7 million through cryptocurrency and fraudulent IT-worker schemes. According to the U.S. Department of the Treasury, these funds came from cyber thefts and online fraud operations connected to North Korea’s state-controlled financial networks.

In this action, the Treasury Department has listed eight individuals and two companies for their roles in moving illegal money across borders. Most of them are linked to the previously sanctioned First Credit Bank, also known as Cheil Credit Bank, which is based in North Korea. These individuals allegedly helped process and hide stolen funds obtained through fake IT work and other cybercrime activities that benefit the North Korean government.

Officials said that over the past few years, North Korea’s cybercrime networks have stolen more than $3 billion, mostly in cryptocurrencies. This makes the country one of the most active state-sponsored cybercrime actors in the world. The stolen money is reportedly routed through a complex network of shell companies, international banks, crypto wallets, and agents operating in countries like China and Russia to disguise its origin.

Among the people named in the sanctions are Jang Kuk Chol and Ho Jong Son, two bankers accused of managing around $5.3 million in cryptocurrency connected to First Credit Bank. The Treasury linked some of this money to ransomware activities and other malicious cyber operations that support North Korea’s weapons programs.

The U.S. also sanctioned a North Korean IT company called Korea Mangyongdae Computer Technology Company (KMCTC) and its president U Yong Su. The company was allegedly involved in sending North Korean IT professionals overseas or having them work remotely under false identities. These individuals pretended to be legitimate tech workers or developers, often using fake profiles that appeared to be from countries like the United States or South Korea.

Through these fake identities, North Korean IT workers were able to get remote jobs in international companies, earning money that was secretly funneled back to their government. The U.S. Treasury warned that these operations help fund North Korea’s military and weapons development programs, including ballistic missiles and nuclear projects.

To increase transparency, the Treasury also released a list of over 50 cryptocurrency wallet addresses linked to the sanctioned individuals and companies. This move will help global crypto exchanges, financial institutions, and compliance teams identify and block transactions involving these wallets. The goal is to stop the movement of illegal funds tied to North Korea’s cyber activities.

As a result of the sanctions, all assets of the named individuals and organizations within U.S. jurisdiction are now frozen. American citizens and companies are also prohibited from conducting any business or transactions with them. This includes direct financial dealings as well as indirect crypto-related transfers.

The U.S. government stated that these measures are part of its broader strategy to cut off North Korea’s revenue streams that come from illicit online activities. By targeting those who move and clean stolen money, the sanctions aim to weaken the country’s ability to finance its nuclear and missile programs.

Officials also emphasized that the growing use of cryptocurrency by North Korea and other sanctioned countries poses a major challenge for international law enforcement. The ability to move funds anonymously across borders has made digital currencies a preferred tool for laundering money obtained from cybercrime.

In summary, the latest sanctions highlight how North Korea continues to use a mix of stolen crypto funds, fake IT jobs, and shell companies to bypass global restrictions and fund its state projects. The $12.7 million identified in this case is part of a much larger pattern of cyber-enabled financial crime that has helped the country generate billions of dollars outside traditional banking systems.

The U.S. Treasury’s action is meant to send a strong signal that such operations will not go unpunished, and that international financial institutions and crypto platforms must take stronger steps to block illegal transactions linked to North Korean cyber networks.

Stay alert, and keep your security measures updated!

Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news