$5M Bounty: US Hunts North Korean ‘IT Warriors’ Funding Nuclear Program

$5M Bounty: US Hunts North Korean 'IT Warriors' Funding Nuclear Program

North Korean IT Fraud Scheme Exposed: US Offers $5M Reward

The U.S. State Department has announced a $5 million reward for information disrupting North Korean front companies engaged in illegal IT work schemes. Two companies, Yanbian Silverstar (China) and Volasys Silverstar (Russia), orchestrated a sophisticated operation generating over $88 million through fraudulent freelance IT work over six years.

These companies, employing more than 130 North Korean “IT warriors,” used stolen identities of U.S. citizens to secure remote employment opportunities. According to federal authorities, individual workers could earn up to $300,000 annually, with proceeds funding North Korea’s nuclear missile programs in violation of international sanctions.

The Department of Justice has indicted 14 North Korean nationals, including CEO Jong Song Hwa, on charges of sanctions violations, identity theft, wire fraud, and money laundering. Recent enforcement actions include:
– Seizure of approximately $2.26 million across multiple operations
– Shutdown of 29 fraudulent internet domains
– Dismantling of a laptop farm operation in China
– Arrest of an Arizona resident involved in hosting operations

The scheme’s sophistication included:
– Identity theft of U.S. citizens
– Creation of fake employment histories
– Use of AI tools for video interviews
– Money laundering through Chinese banks
– Extortion attempts against former employers

A notable case involved cybersecurity firm KnowBe4, which unknowingly hired a North Korean operative who attempted to install malware despite thorough background checks and multiple video interviews.

The FBI continues to warn organizations about the persistent threat of North Korean IT workers infiltrating U.S. companies, emphasizing the need for enhanced verification procedures in remote hiring practices.

Share This Article