News
  • Qadir AK
    author-profile

    Qadir AK right arrow

    Author

    Qadir Ak is the founder of Coinpedia. He has over a decade of experience writing about technology and has been covering the blockchain and cryptocurrency space since 2010. He has also interviewed a few prominent experts within the cryptocurrency space.

    • author facebook
    • author twitter
    • linkedin

  • 2 minutes read

North Korea Laundered $7.7M in Crypto: DOJ Reveals 

The U.S. Department of Justice (DOJ) has seized over $7.74 million in cryptocurrency allegedly laundered by North Korean IT workers posing as remote employees at U.S. and international companies. This operation, exposed through a civil forfeiture complaint filed in the District of Columbia, reveals how North Korea has been exploiting the crypto and AI boom to bypass U.S. sanctions and fund its weapons programs.

Fake Resumes, AI Tools, and NFT Laundering

According to the DOJ, the operatives used stolen or fake IDs to bypass KYC checks and secure work under assumed identities. They often received their payments in U.S. dollar-pegged stablecoins. The laundering strategy involved sophisticated crypto techniques, mixing funds, converting between tokens, buying NFTs, and transferring assets in small amounts to avoid detection.

The operatives routed the funds through known intermediaries, including Sim Hyon Sop of the sanctioned Foreign Trade Bank and Kim Sang Man of Chinyong IT Cooperation Company.

AI’s Alarming Role in the Scheme

OpenAI confirmed that several accounts linked to North Korean clusters were banned for using AI tools like ChatGPT to automate job applications, craft fake employment histories, and even research targets. Some operatives ran “laptop farms,” simulating normal work behavior from countries like Russia and Laos. Google had previously taken similar steps, removing North Korea-linked accounts.

Meanwhile, tech firms like Google and OpenAI have shut down multiple accounts linked to North Korean deception campaigns.

Part of Ongoing Crackdown on DPRK’s Digital Networks

This seizure follows the DOJ’s broader DPRK RevGen initiative launched in March 2024, aimed at disrupting North Korea’s growing cyber-financial operations. “US Sanctions are in place for a reason,” said U.S. Attorney Jeanine Pirro. “We will continue to investigate and prosecute anyone helping North Korea fund its illegal weapons programs.”

Despite a slower pace under the Trump administration, Thursday’s action signals the U.S. is far from easing up on North Korea’s crypto-powered sanctions evasion.

FAQ

Who is the Lazarus Group and how are they connected to crypto hacks?

The Lazarus Group is a North Korean state-sponsored hacking unit. They’ve carried out major crypto thefts, including the $620 million Ronin Bridge hack in 2022, one of the largest in history.

Has the DOJ successfully recovered any stolen crypto from North Korea?

Yes. The DOJ has seized millions in stolen and laundered cryptocurrency, including the recent $7.74 million from fake IT workers tied to North Korea.

How do North Korean operatives earn crypto through fake jobs?

They pose as remote developers or IT workers using fake or stolen identities. Once hired, they get paid in **cryptocurrency—mainly stablecoins—**which they later launder.

Show More

Related Articles

Back to top button