The US Department of the Treasury is imposing sanctions against two individuals and four entities connected with North Korean IT workers infiltrating the crypto industry.
Sanctions Details
The sanctioned individuals include North Korean national Song Kum Hyok and Russian national Gayk Asatryan, both accused of supporting operations of North Korean IT workers targeting the crypto sector.
Song Kum Hyok is linked to North Korea’s Reconnaissance General Bureau and its hacking unit Andariel, accused of creating fake identities using stolen US citizens’ information to assist foreign DPRK IT workers.
Methods of North Korean Hackers
North Korean IT workers reportedly use falsified documents and fake profiles to gain employment in crypto and tech firms. Allegations suggest these workers, managed externally, use freelance platforms and crypto exchanges to receive and launder funds back to North Korea.
The operational strategies have evolved significantly from direct cyberattacks to embedding themselves quietly in legitimate companies.
US Response Strategy
In recognition of the growing threat from North Korean hackers, US authorities are actively targeting the infrastructure supporting these infiltration schemes. The Department of Justice is pursuing cases against DPRK-linked operatives and seeking the recovery of funds tied to laundered cryptocurrency.
Estimates indicate that as many as 920 North Korean IT workers may have infiltrated roles within the crypto sector, generating over $16 million from unsuspecting employers.
The situation involving North Korean hackers in the crypto industry is concerning, and US actions may help to mitigate the threat posed by these malicious actors infiltrating the international tech market.
