US Alleges North Korea Profited Millions from Remote IT Worker Scheme

A federal court situated in St Louis has brought charges against 14 individuals from North Korea, asserting their involvement in an extensive conspiracy. This alleged scheme sought to extort money from American businesses and channel these proceeds towards Pyongyang’s weapons development initiatives. This broader operation reportedly encompasses thousands of North Korean information technology personnel. These individuals purportedly utilized fabricated, purloined, or loaned identities belonging to people in the US and other nations to secure employment and perform remote work for American companies. According to the indictment, the accused individuals and their collaborators amassed a minimum of $88m (£51.5m) for the North Korean government across a span of six years. North Korea’s delegation to the United Nations did not provide an immediate response when contacted for comment by BBC News. Prosecutors state that the alleged perpetrators were employed by two companies under North Korean control: Yanbian Silverstar, which is based in China, and Volasys Silverstar, based in Russia. These individuals were part of a contingent of 130 North Korean IT professionals working for the two companies, where they were internally designated as “IT Warriors,” as per the US Department of Justice. The suspects were reportedly instructed to demand monthly salaries of $10,000 from their American employers. Beyond their regular wages, they purportedly generated additional funds for the North Korean regime by illicitly obtaining sensitive corporate data and threatening its disclosure unless an extortion fee was paid by the employer. The collective now confronts accusations including wire fraud, money laundering, identity theft, and additional offenses. In addition to employing stolen identities to evade discovery, prosecutors indicated that the individuals compensated US residents to accept, configure, and host laptops supplied by the American employers. Subsequently, they would direct these US residents to install remote access software, creating the impression that they were operating from within the US while they were, in fact, located abroad. Investigators hold the view that the suspects are currently located in North Korea, which renders their eventual prosecution improbable. Nevertheless, the US State Department has declared its intention to provide a reward of up to $5m to any individual offering further details concerning the suspects, along with Yanbian and Volasys. American authorities have refrained from disclosing the names of the US companies that were victims of this operation. Ashley T. Johnson, the special agent in charge of the FBI’s field office in St Louis, stated: “While we have disrupted this group and identified its leadership, this is just the tip of the iceberg.” He added: “The government of North Korea has trained and deployed thousands of IT workers to perpetrate this same scheme against US companies every day.” Copyright 2024 BBC. All rights reserved. The BBC bears no responsibility for the material found on external websites. Information regarding our policy on external linking is available.