The U.S. Justice Division charged 5 people at the moment, a U.S. Citizen lady, a Ukrainian man, and three overseas nationals, for his or her involvement in cyber schemes that generated income for North Korea’s nuclear weapons program.
They have been allegedly concerned between October 2020 and October 2023 in a marketing campaign coordinated by the North Korean authorities “to infiltrate U.S. job markets through fraud in an effort to raise revenue for the North Korean government and its illicit nuclear program.”
Two of them, Christina Marie Chapman and Oleksandr Didenko, have been arrested on Could 15 in Litchfield Park, Arizona, and in Poland on Could 7, 2024, with the DOJ now in search of Didenko’s extradition to the US.
They have been each charged with conspiracy to defraud the US, aggravated identification theft, and conspiracy to commit cash laundering, wire fraud, identification fraud, and financial institution fraud.
Three different overseas nationals, recognized solely by their aliases (Jiho Han, Haoran Xu, and Chunji Jin), have been additionally charged with conspiracy to commit cash laundering.
If convicted, Chapman faces a most of 97.5 years in jail, whereas Didenko’s most penalty can attain 67.5 years. Every of the John Does additionally faces a most penalty of 20 years.
“Chapman and her co-conspirators committed fraud and stole the identities of American citizens to enable individuals based overseas to pose as domestic, remote IT workers,” mentioned Nicole M. Argentieri, the pinnacle of the Justice Division’s Legal Division.
In the present day, the U.S. State Division introduced a reward of as much as $5 million for any info associated to Chapman’s co-conspirators, the North Korean IT staff charged at the moment, and their supervisor, solely generally known as Zhonghua.
North Koreans labored remotely through U.S. laptop computer farms
In line with the indictment, Chapman housed the North Korean IT staff’ computer systems in her own residence, making a “laptop farm” to make it seem as if her co-conspirators’ units have been in the US.
They have been employed as distant software program and utility builders with a number of Fortune 500 firms, together with an aerospace and protection firm, a significant tv community, a Silicon Valley expertise firm, and a high-profile firm.
They have been paid tens of millions for his or her work, and Chapman processed their paychecks from U.S. firms via her monetary accounts.
Didenko additionally ran an internet platform generally known as UpWorkSell (whose area was seized by the DOJ), knowingly offering providers to permit North Koreans to make use of false identities whereas trying to find distant IT work positions.
“Didenko is alleged to have managed as many as approximately 871 proxy identities, provided proxy accounts for three freelance IT hiring platforms, and provided proxy accounts for three different money service transmitters,” the DOJ mentioned.
“In coordination with co-conspirators, Didenko facilitated the operation of at least three U.S.-based ‘laptop farms,’ hosting approximately 79 computers. Didenko sent or received $920,000 in U.S.D. payments since July 2018.”
Their scheme compromised over 60 U.S. identities and affected greater than 300 U.S. firms. It additionally resulted in false tax liabilities for greater than 35 U.S. residents and generated a minimum of $6.8 million in income for abroad IT staff.
In the present day, the FBI additionally issued an advisory with extra info on how North Korea’s IT staff undermine the safety of firms that rent them and steering on the way to spot North Korean IT employee schemes.
Beforehand, the US additionally revealed joint advisories with overseas companions warning of North Korean IT employee schemes and sanctioned a number of organizations concerned in North Korea’s IT employee income technology schemes.