Threat Intelligence

US indicts five in North Korean IT worker scheme

North Korean remote IT worker scam

TechCrunch reports that five individuals have been indicted by US law enforcement for their roles in a scheme that enabled North Korean threat actors to secure remote jobs as IT workers with US companies, generating substantial revenue for the North Korean regime. The accused include North Korean citizens Jin Sung-Il and Pak Jin-Song, Mexican national Pedro Ernesto Alonso De Los Reyes, and US citizens Erick Ntekereze Prince and Emanuel Ashtor. The Department of Justice alleges the scheme ran from April 2018 to August 2024, with at least 64 American companies targeted, including a financial institution, a technology company based in San Francisco, and an IT organization headquartered in Palo Alto. Ntekereze and Ashtor allegedly forged US identity documents and set up remote access software on company-issued laptops provided to the North Koreans to help them conceal their true locations. Payments from ten of the targeted companies reportedly exceeded $866,255, much of which was laundered through a Chinese bank account. The FBI also reportedly uncovered a laptop farm at Ashtor’s North Carolina residence and warned that North Korean IT workers are increasingly engaging in cybercriminal activities such as data theft and extortion.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds