The State Department is offering up to $5 million as a reward for information about two North Korean-controlled companies.
A federal court indicted 14 North Korean men on Dec. 11 for allegedly using false identities to obtain remote IT jobs at U.S. companies and then sending their wages back to North Korea for weapons development programs.
The individuals were indicted in a Missouri federal court for conspiring to violate U.S. sanctions and committing wire fraud, money laundering, and identity theft, the Department of Justice (DOJ) said.
Eight of them were charged with aggravated identity theft. Each of the defendants faces a maximum statutory penalty of 27 years in jail if convicted, according to the DOJ.
Federal prosecutors said the men were employed by two North Korean-controlled companies—Yanbian Silverstar and Volasys Silverstar—based in China and Russia, respectively. These companies collectively hired 130 workers involved in the scheme, according to a DOJ statement.
All the defendants are listed as wanted persons by the FBI.
“This indictment of 14 North Korean nationals exposes their alleged sanctions evasion and should serve as a warning to companies around the globe—be on alert for this malicious activity by the DPRK regime,” Deputy Attorney General Lisa Monaco stated, using the acronym for North Korea’s official name, the Democratic People’s Republic of Korea.
The State Department said it was offering a reward of up to $5 million for information about the companies, which it said facilitated the exportation of North Korean workers to generate revenue for the North Korean regime, as well as for information regarding the identified individuals, their alleged illegal activities, or associated individuals and entities.
According to the indictment, the defendants generated $88 million in illicit revenue through the six-year conspiracy between April 2017 and March 2023.
They allegedly stole the identities of Americans to apply for IT jobs at U.S. companies and nonprofit organizations, paying American citizens to attend job interviews and work meetings remotely using fake identities.
The defendants allegedly registered web domains and created websites to deceive prospective employers. Prosecutors said the websites contained details that “should have aroused suspicion” about the job applicants.
According to the indictment, the men also enlisted Americans to buy laptops and install remote access programs on them to make it appear as though they were working remotely from within the United States.
In some instances, the defendants extorted payments from the U.S. employers by threatening to release sensitive information online, the indictment stated.
Prosecutors said the men would then transfer their salaries or extortion payments to accounts controlled by the North Korean government, including to accounts at banks based in China.
“While we have disrupted this group and identified its leadership, this is just the tip of the iceberg,” Ashley Johnson, special agent in charge at the FBI St. Louis Field Office, said in a statement. “The government of North Korea has trained and deployed thousands of IT workers to perpetrate this same scheme against U.S. companies every day.”