Synopsis- The United States just hit North Korea with powerful new sanctions. Treasury officials targeted a secretive tech worker scheme. This operation infiltrated American companies to steal money and data. Specifically, authorities sanctioned two key individuals and four entities. They stand accused of running a North Korean IT infiltration ring. This group allegedly placed workers inside crypto firms for exploitation. As a result, the US aims to choke off vital funding for Pyongyang’s weapons programs.
The U.S. imposed sanctions on North Korean and Russian individuals and entities for infiltrating tech firms, funding Pyongyang’s missile program through fraudulent IT work, identity theft, and crypto exploitation.
Key Figures and Companies Sanctioned
Officials identified North Korean national Song Kum Hyok as central to the plot. The Treasury’s Office of Foreign Assets Control (OFAC) sanctioned him Tuesday. Song allegedly stole US citizens’ personal information deliberately. He then provided fake identities to hired foreign IT workers. These workers sought jobs at unsuspecting US companies using these aliases. At the same time, OFAC also sanctioned Russian national Gayk Asatryan. Asatryan allegedly used his companies to employ many North Korean IT staff. He signed long-term deals with North Korean trading firms starting in 2024.
Furthermore, OFAC sanctioned four specific entities linked to this scheme. Two are based in Russia, and two are based in North Korea. Therefore, all US assets tied to Asatryan, Song, and these entities are now frozen. Moreover, Americans face civil and criminal penalties for dealing with them. Essentially, any US financial transactions or business with these targets is illegal.
Funding Through Fraudulent Work
Why does North Korea run this complex operation? The answer points directly to its ballistic missile ambitions. OFAC states Pyongyang deploys thousands of highly skilled IT workers globally. Most operate from China and Russia currently. This massive workforce primarily targets employers in wealthier nations. They use mainstream and industry-specific networking platforms actively. Their goal is generating revenue for expensive missile programs. This illicit income stream bypasses strict international sanctions effectively.
Previously, North Korea relied heavily on brazen crypto exchange hacks. Groups like Lazarus Group stole enormous sums, like February’s $1.5 billion Bybit exploit. However, blockchain experts see a worrying tactical shift emerging. TRM Labs reported this significant change on Tuesday. “While exchange breaches remain significant, DPRK-linked operations are increasingly shifting,” they stated. Specifically, North Korea now focuses more on “deception-based revenue generation,” including IT worker infiltration. Alarmingly, TRM estimates North Korea stole $1.6 billion from crypto hacks just in 2025’s first half.
Covert Workers
American authorities are ramping up their response significantly this year. They actively pursue these fraudulent North Korean IT worker schemes. For instance, on June 30th, prosecutors charged four North Koreans. They allegedly posed as remote workers at US and Serbian blockchain firms. Following this, they face wire fraud and money laundering charges. Earlier in June, the Justice Department moved to seize $7.74 million. This frozen crypto was allegedly earned by North Korean IT workers. They used fake identities while working remotely for blockchain companies.
Treasury Deputy Secretary Michael Faulkender emphasised the US commitment firmly. “Treasury remains committed to using all available tools,” he declared Tuesday. The goal is disrupting the Kim regime’s “digital asset theft” and “malicious cyber-attacks.” This includes stopping their attempts to impersonate American citizens. The expanding global infrastructure for these schemes demands constant vigilance. A recent April report from Google confirmed its worldwide spread. Consequently, the US government signals this crackdown is far from over.
Written By Fazal Ul Vahab C H
