
The U.S. Department of Justice has indicted five individuals in connection with a sophisticated North Korean IT worker fraud scheme. The defendants include two North Korean nationals (Jin Sung-Il and Pak Jin-Song), one Mexican national (Pedro Ernesto Alonso De Los Reyes), and two U.S. citizens (Erick Ntekereze Prince and Emanuel Ashtor).
The scheme, operating from April 2018 to August 2024, targeted 64 U.S. companies, generating at least $866,255 in revenue from ten companies. The operation involved North Korean nationals using forged identities to secure remote IT positions, with payments laundered through Chinese bank accounts.
Key aspects of the operation included:
– Using laptop farms to deceive employers about workers’ locations
– Unauthorized installation of remote access software
– Identity theft and document forgery
– Money laundering through various accounts
The defendants face multiple charges, including:
– Conspiracy to damage protected computers
– Wire and mail fraud conspiracy
– Money laundering conspiracy
– False identification document transfer conspiracy
The FBI has observed these workers:
– Exfiltrating sensitive company data
– Conducting cyber-criminal activities
– Extorting companies with stolen data
– Compromising GitHub repositories
The scheme extends beyond U.S. borders, with Japanese companies also targeted. Perpetrators created elaborate online personas using platforms like GitHub and various freelance websites to appear legitimate.
If convicted, the defendants face up to 20 years in prison. This case represents part of broader efforts to combat North Korea’s attempts to circumvent international sanctions.