This month, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned six individuals and two entities for their roles in Democratic People’s Republic of Korea (DPRK) government-orchestrated information technology (IT) worker schemes that systematically defraud U.S. businesses and generate revenue to fund the DPRK’s weapons of mass destruction (WMD) programs, including nearly $800 million in 2024.
“The North Korean regime targets American companies through deceptive schemes carried out by its overseas IT operatives, who weaponize sensitive data and extort businesses for substantial payments,” said Secretary of the Treasury Scott Bessent.
DPRK-facilitated IT teams commonly rely on fraudulent documentation, stolen identities, and fabricated personas to conceal their true identities and gain employment with legitimate companies, including those in the United States and allied countries. The DPRK government reportedly appropriates the majority of the wages earned by these overseas IT workers, generating hundreds of millions of dollars to support the regime’s WMD and ballistic missile programs, in violation of U.S. and United Nations sanctions.
In certain instances, DPRK-affiliated workers have also covertly introduced malware into company networks to extract proprietary and sensitive information.
The Treasury Department’s action, taken on March 12, is part of the United States’ whole-of-government effort to counter the DPRK’s wide-ranging revenue generation schemes and builds on several other actions OFAC has taken in the last several months to stop the DPRK’s IT worker schemes.
OFAC’s action targets several DPRK IT worker networks by designating facilitators based in the DPRK, Vietnam, Laos, and Spain.
Amnokgang Technology Development Company (Amnokgang) is a DPRK IT company managing delegations of overseas IT workers and conducting other illicit procurement activities to obtain and sell military and commercial technology through their overseas networks.
Nguyen Quang Viet (Nguyen) is the Chief Executive Officer (CEO) of Quangvietdnbg International Services Company Limited (Quangvietdnbg), a company based in Vietnam. Nguyen facilitates currency conversion services for North Koreans through his company. Do Phi Khanh (Do) is an associate of U.S.-sanctioned DPRK nuclear procurement facilitator Kim Se Un who acts as Kim’s proxy and likely allows Kim to use his identity to open bank accounts and launder proceeds from DPRK IT workers.
“Under President Trump’s leadership,” said Secretary Bessent, “Treasury will continue to follow the money in order to protect U.S. businesses from these malicious activities and ensure those responsible are held accountable.”
US Sanctions Facilitators of DPRK IT Fraud
- Policy Office
This month, the U.S. Department of the Treasury’s Office of Foreign Assets Control sanctioned six individuals and two entities for their roles in Democratic People’s Republic of Korea government-orchestrated information technology worker schemes that systematically defraud U.S. businesses.