🛑 U.S. Sanctions North Korean “IT Worker” Ring Over Crypto Thefts

OFAC blacklists two individuals and four Russian entities that secretly placed DPRK technicians inside U.S. crypto firms to fund Pyongyang’s missile program.

· Web3 网3

🔍 What Happened?

The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned:

  • Song Kum Hyok — alleged DPRK facilitator who stole U.S. citizens’ IDs for North-Korean IT operatives
  • Gayk Asatryan — Russian national whose companies employed dozens of North-Korean contractors under long-term deals
  • Four Russian entities linked to those hirings

All U.S. assets are frozen; Americans face civil and criminal penalties for any dealings with the listed parties.

🛠️ How the Scheme Worked

  1. Identity Theft – Song provided stolen U.S. credentials so DPRK tech staff could appear “American.”
  2. Remote Placements – Asatryan’s firms signed 10-year contracts with DPRK trading companies, then funneled workers into Western crypto projects.
  3. Revenue Funnel – Salaries and inside access allegedly helped bankroll North Korea’s ballistic-missile program.

🔄 Shift From Hacks to Human Infiltration

  • TRM Labs reports DPRK actors increasingly use deception-based tactics—fake résumés and remote “blockchain developer” gigs—over splashy exchange hacks.
  • Still, Lazarus-linked crews stole $1.6 B of the $2.1 B looted from crypto platforms in H1 2025.

🌐 Why It Matters

broken image

OFAC vows to keep “using all tools” to choke this revenue stream—expect stricter KYC for remote hires and enhanced vendor vetting.

🔐 Stay Vigilant

  • Employers: Verify remote applicants via live video & secure ID checks.
  • Crypto teams: Monitor unusual repo access, overnight commits, and IP anomalies.
  • Users: Prefer platforms with robust compliance and prompt security disclosures.

🎁 Secure Your Funds With KXZ.Store

Worried about exchange breaches or insider threats? Hold value in stablecoins you control. Grab a KXZ.Store Binance Gift Card and load USDT or USDC directly onto Binance—fast, private, and easy to redeem anytime.