The US has moved to seize more than $7.7m in crypto allegedly earned through a covert network of North Korean IT workers posing as foreign freelancers and funneling their income back to the North Korean government.
In a civil forfeiture complaint filed Thursday in the District Court for the District of Columbia, the Department of Justice alleged that North Korean operatives obtained jobs at blockchain firms and other tech companies using stolen or forged identities.
The workers were paid in crypto, often stablecoins such as USDC and USDT, and used complex laundering tactics to mask the funds’ origin before sending the money back to the North Korean state.
DOJ Targets North Korea Digital Laundering Network
Authorities said the operation aimed to bypass U.S sanctions. It also sought to generate revenue for North Korea’s weapons program.
The scheme was linked to Sim Hyon Sop, a representative of North Korea’s Foreign Trade Bank. He was previously indicted in April 2023 for his role in similar activities.
Department Files Civil Forfeiture Complaint Against Over $7.74M Laundered on Behalf of the North Korean Government
: https://t.co/T6nh2ETMYY pic.twitter.com/o23HY6C6Zw
— U.S. Department of Justice (@TheJusticeDept) June 5, 2025
Sim allegedly collaborated with Kim Sang Man, who serves as CEO of Chinyong. Chinyong is a state-linked IT firm operating under North Korea’s Ministry of Defense.
To conceal the funds, the workers used several tactics. They allegedly opened fake accounts, split transactions into smaller amount and used token-swapping techniques. In addition, they purchased NFTs as a store of value.
According to the Justice Department, the funds moved through a web of platforms and intermediaries. Eventually, the money was routed back to the North Korean government.
“This forfeiture action highlights, once again, the North Korean government’s exploitation of the cryptocurrency ecosystem to fund its illicit priorities,” said Matthew Galeotti, head of the DOJ’s Criminal Division. He added that the department would continue using legal tools to disrupt financial lifelines supporting the regime.
FBI Warns of North Korean IT Fraud Using Stolen American Identities
Officials from the FBI said the investigation uncovered a widespread effort to defraud US businesses by hiring North Korean workers posing as remote freelancers using stolen American identities.
Assistant director Roman Rozhavsky called it a sophisticated threat and urged companies to closely examine their remote hiring practices.
Thursday’s complaint is part of a wider enforcement campaign that began in 2024 under the Department’s DPRK RevGen initiative. This effort has focused on both North Korean operatives and the US-based enablers who support them.
So far, authorities have taken action against domestic facilitators, crypto traders, and schemes involving data theft by North Korean IT workers.
The FBI’s Virtual Assets Unit and its Chicago Field Office led the investigation. They were supported by cybercrime prosecutors and national security attorneys.
According to officials, the operation reflects an ongoing strategy to cut North Korea off from the global financial system. Moreover, it aims to stop the regime from using cryptocurrency to evade US sanctions.
The post US Seeks to Seize $7.7M in Crypto Linked to North Korean IT Worker Fraud Ring appeared first on Cryptonews.
