ATLANTA (WSAV) — FBI Atlanta issued a warning to the public after four North Koreans were indicted in an alleged scheme to steal from two companies.
The Northern District of Georgia unsealed the indictment Monday, an FBI Atlanta spokesperson said.
It charged four North Koreans, Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju and Chang Nam Il, for reportedly engaging in a scheme to steal and launder over $900,000 in virtual currency. They face wire fraud and money laundering charges.
Around December 2020 and May 2021, Jin, who was using a stolen identity, and Ju, who was using an alias “Bryan Cho,” were hired as developers by an Atlanta, Georgia-based blockchain research and development company and a Serbian virtual token company, a statement from the U.S. Attorney’s Office, Northern District of Georgia said.
Both men allegedly concealed their identities from their employers by providing false identification documents.
Both defendants concealed their North Korean identities from their employers by providing false identification documents containing a mix of stolen and fraudulent identity information.
“The defendants used fake and stolen personal identities to conceal their North Korean nationality, pose as remote IT workers, and exploit their victims’ trust to steal hundreds of thousands of dollars,” said U.S. Attorney Theodore S. Hertzberg. “This indictment highlights the unique threat North Korea poses to companies that hire remote IT workers and underscores our resolve to prosecute any actor, in the United States or abroad, who steals from Georgia businesses.”
In 2022, Ju and Jin were assigned project that allowed them access to their employers’ virtual currency where they were able to allegedly steal $175,000 and $740,000 respectively.
They then “mixed” the stolen money using a virtual currency mixer and transferred the funds to accounts controlled by Bok and Nam, an FBI Atlanta spokesperson said. The accounts held by Bok and Nam were allegedly opened using fraudulent Malaysian identification documents.
The men reportedly traveled to the United Arab Emirates with North Korean travel documents and worked as a “co-located team,” FBI Atlanta said.
The businesses that hired the indicted men said they wouldn’t have done so if they had known their actual identities, officials said.
FBI Atlanta suggested that companies looking to hire remote IT workers, especially for blockchain development, should use additional layers of scrutiny to their interview and hiring processes for remote IT workers.
If you suspect you have been approached or victimized by a North Korean IT worker, the FBI recommended reporting the activity to the FBI’s Internet Crime Complaint Center (IC3) as quickly as possible.
You can view recommendations for strengthening remote-hiring processes by clicking here.
