A North Korean Foreign Trade Bank representative has been charged in two separate money laundering conspiracies involving the use of cryptocurrency to generate revenue for the country’s government. The charges were announced by Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division, who highlighted the innovative ways in which North Korean operatives are attempting to evade sanctions through the use of crypto assets.
The representative, Sim Hyon Sop, has been accused of conspiring with over-the-counter (OTC) cryptocurrency traders to use stolen funds to purchase goods on behalf of North Korea, as well as conspiring with North Korean IT workers to generate revenue through illegal employment at blockchain development companies in the United States.
The first indictment alleges that Sim conspired with three OTC traders to launder stolen funds from cryptocurrency exchange hacks and make payments in U.S. dollars for goods on behalf of the North Korean government. The second indictment involves a conspiracy between Sim and various North Korean IT workers to launder proceeds of illegal IT development work. The IT workers gained employment at U.S. blockchain development companies using fake identities and then laundered their ill-gotten gains through Sim for the benefit of the North Korean regime.
U.S. Attorney Matthew M. Graves for the District of Columbia emphasized the importance of “following the money,” whether through cryptocurrency or traditional banking systems, in bringing charges against those who would aid in funding North Korea’s regime. The FBI’s Assistant Director Luis Quesada echoed this sentiment, stating that the agency will continue to pursue criminals who exploit and launder cryptocurrency to aid state operatives.
North Korea’s Reconnaissance General Bureau (RGB) is the primary intelligence and clandestine operations unit responsible for conducting cyber-attacks to generate revenue for the regime. The group is known for conducting cyber-attacks against financial institutions and crypto asset service providers. North Korean hackers have gained unauthorized access to victim networks through spear-phishing messages designed to induce victims to download and execute malicious software.
Since 2017, North Korean hackers have executed crypto currency-related thefts to generate revenue for the regime, including through the hacking of crypto asset services providers such as cryptocurrency exchanges. A portion of the proceeds from these crypto currency theft and fraud schemes was sent to a cryptocurrency address, which Sim and his OTC trader co-conspirators used to fund payments for goods for North Korea.
To generate revenue for the regime, North Korea deploys IT workers to obtain illegal employment in the cryptocurrency industry. North Koreans apply for jobs in remote IT development work without disclosing their nationality, bypassing security and due diligence checks through the false or fraudulent use of identity documents and other obfuscation strategies. The IT workers request payment for their services in cryptocurrency and then send their earnings back to North Korea through individuals like Sim.
Overall, these indictments highlight the ongoing efforts by North Korean operatives to evade sanctions and generate revenue through illicit means, including the use of cryptocurrency. The charges against Sim serve as a warning that law enforcement agencies are continuing to pursue those who aid in funding North Korea’s regime.
Read more:
- North Korean Actors Among Illicit Users Exploiting DeFi For Money Laundering, Warns Treasury Department
- North Korean Hackers Steal Over $1 Billion In Crypto Assets