The coordinated steps included searches spanning 16 states involving workers who obtained employment at more than 100 U.S. companies.
The post Arrest, seizures in latest U.S. operation against North Korean IT workers appeared first on CyberScoop.
U.S. authorities unsealed indictments, seized financial accounts and made an arrest in the latest attempt to crack down on North Korean remote IT workers as part of a coordinated action that the Justice Department announced Monday.
The workers obtained employment at more than 100 U.S. companies using stolen and fake identities, costing them millions in damages and losses. The crackdown also included the seizure of websites and searches of 29 known or suspected “laptop farms” across 16 states that hosted victim company-provided laptops used to deceive companies.
The U.S. Attorney’s Office for the District of Massachusetts and the DOJ’s National Security Division arrested Zhenxing “Danny” Wang of New Jersey on Monday pursuant to a five-count indictment of Wang and eight alleged co-conspirators, all Chinese and Taiwanese nationals. A second five-count indictment from the Northern District of Georgia charged four North Korean nationals.
Authorities seized 29 financial accounts used to launder money and 21 fraudulent websites, according to DOJ. In the first indictment, Wang and the co-conspirators allegedly caused companies to incur computer network remediation costs, legal fees and other damages totaling at least $3 million. In the second, the indicted nationals stole virtual currency worth $900,000 at the time.
“Once employed, the North Korean IT workers received regular salary payments, and they gained access to, and in some cases stole, sensitive employer information such as export controlled U.S. military technology and virtual currency,” a DOJ news release stated.
North Korean IT workers have infiltrated hundreds of Fortune 500 companies, security leaders say, prompting a series of actions from law enforcement to stem the tide, including an operation earlier this year with more indictments and another that froze crypto funds, as well as sanctions.
“The threat posed by DPRK operatives is both real and immediate,” said Leah Foley, U.S. Attorney for the District of Massachusetts. “Thousands of North Korean cyber operatives have been trained and deployed by the regime to blend into the global digital workforce and systematically target U.S. companies.”
In a call with reporters featuring senior DOJ and FBI officials who spoke on condition of anonymity, one said they couldn’t comment on the likelihood of future arrests beyond Wang because the investigation was ongoing, “but we may have further information to share about the investigation soon, in terms of individuals who have been charged and who are overseas.”
“We have a long memory here,” they said. “We’re going to look for opportunities to arrest these folks, and what might look unlikely now may not be the case in the future.”
The post Arrest, seizures in latest U.S. operation against North Korean IT workers appeared first on CyberScoop.
Source: CyberScoop
Source Link: https://cyberscoop.com/arrest-seizures-north-korean-it-workers-june-2025/