Four individuals from North Korea have been issued an indictment by a federal grand jury in Georgia. These individuals are accused of being instrumental in designing and executing a plot to illicitly acquire and clean over $900,000 in digital currency from firms both within the United States and globally, with one such company being Atlanta-based.
The federally indicted individuals are Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju, and Chang Nam Il. These North Korean nationals are faced with five federal charges that envelope wire fraud conspiracy, wire fraud, and conspiracy to launder money. The official announcement of their indictment was made on June 24 and the case is being pursued in the Northern District of Georgia.
The U.S. Attorney’s Office disclosed that the indicted parties utilized stolen identities to secure IT developer roles remotely. An Atlanta-based blockchain research firm was allegedly infiltrated by two of these individuals who used their gained access to steal cryptocurrency.
This case in Georgia is just the tip of the iceberg of a broader, nationwide operation by the Department of Justice. This expansive effort has not only led to the Georgia indictment but has also seen the seizure of financial accounts, websites, and computers allegedly used in fraudulent schemes facilitated by North Koreans.
Kim and Jong are reported to have masqueraded as foreign job applicants and were able to secure employment using falsified documents at companies in Atlanta and Serbia, during 2020 and 2021. Once in their role, they allegedly recommended their partners in crime for similar positions.
Claims from authorities suggest that North Korea has sent out thousands of IT workers carrying either stolen or bogus U.S. identities with the aim to infiltrate major American companies, including those listed among the Fortune 500, as a means to finance their weapons initiatives. Officials warn that in a number of cases, these workers were able to gain access to sensitive and proprietary data.
Earlier in 2022, it was reported by investigators that Jong employed his newly found access to illicitly obtain approximately $175,000 in digital cash from his employer. The next month, it is alleged that Kim manipulated smart contract code to steal around $740,000.
It was noted by officials that the defendants employed a virtual currency mixer to obscure the tracking of the stolen money. The hidden funds were then moved into cryptocurrency exchange accounts that Kang and Chang held control over.
The investigation identified that these exchange accounts were opened using counterfeit identification documents from Malaysia and various aliases. This indictment in the Georgia case is part of a nationwide effort taking place across the United States.
In a separate Massachusetts case, one U.S. citizen alongside six nationals, split between Chinese and Taiwanese origins, have been indicted for a scheme generating at least $5 million in false wages. This fraudulent scheme influenced the operations of more than a hundred companies.
Kim Kwang Jin, alias ‘P.S.’, a 27-year-old, Kang Tae Bok, alias ‘Wong Shao Onn’, aged 28, Jong Pong Ju, alias ‘Bryan Cho’, also aged 28, and Chang Nam Il, known as ‘Bong Chee Shen’ and ‘Peter Xiao’, aged 25, were all named in the indictment. The quartet, currently not captured, have been charged in Georgia. Federal arrest warrants were released on the day of the indictment, with the FBI now treating all four as fugitives.
According to the FBI, the group has a history of collaboration and travel. They are alleged to have connections to both the United Arab Emirates and Laos, and are believed to have proficiency in English and Korean.
The U.S. Department of State has established a reward of up to $5 million for any information leading to the disruption of North Korea’s financial networks. This includes activities such as exporting workers, involvement in cyber thefts and money laundering activities.
All these efforts are part of an ongoing national strategy to crack down on international cybercrime and illicit activities that fund destabilizing programs, particularly those related to North Korea’s weapons program. The state continues to advise U.S. companies to maintain their guard against such intrusions and helps them implement robust security measures.
As the cybercrime landscape continues to evolve, such cases underscore the urgency and necessity for both strong corporate cybersecurity measures and international cooperation in law enforcement efforts. Highlighting the sophisticated nature of these fraudulent schemes, this case aids in raising awareness about the level of vigilance companies must maintain in the digital age.