US Targets DPRK IT Facilitators Over Crypto Use In $800 Million Scheme

TLDR

• US Treasury sanctioned six individuals and two entities linked to DPRK IT worker schemes.
• The network generated nearly $800 million in 2024 for North Korea’s weapons programs.
• A Vietnam-based facilitator converted about $2.5 million into cryptocurrency.
• OFAC added 21 cryptocurrency addresses across several blockchains to sanctions list.

The United States has sanctioned several individuals and entities accused of helping North Korea run fraudulent IT worker operations. Officials say the scheme generated hundreds of millions of dollars and relied on cryptocurrency to move funds.

The U.S. Department of the Treasury’s Office of Foreign Assets Control announced the sanctions on March 12, 2026. The action targets six individuals and two entities linked to North Korean IT worker networks.

According to the Treasury, the operations generated nearly $800 million in 2024. Authorities said the revenue supported North Korea’s weapons of mass destruction and ballistic missile programs.

Fraudulent remote work operations

North Korean IT workers have been operating overseas for years. Many of them obtain jobs using stolen identities and false documents.

These workers often secure remote technology roles with companies in several countries, including the United States. Employers believe they are hiring independent developers or contractors.

Authorities say the North Korean government collects most of the wages earned by these workers. The system sends large amounts of money back to the regime each year.

Some workers also gain access to company networks during their employment. Officials say certain operatives install malware after securing jobs.

These tools can allow data theft and access to sensitive systems. In some cases, companies are pressured to make payments after data is taken.

Cryptocurrency used to move funds

Digital assets play an important role in transferring the money generated by the scheme. Cryptocurrency allows funds to move across borders quickly and with less oversight.

OFAC added 21 cryptocurrency addresses to its sanctions list. These addresses exist across several blockchain networks.

One sanctioned facilitator is Nguyen Quang Viet, chief executive of Vietnam-based Quangvietdnbg International Services Company Limited. Authorities said he provided currency conversion services for North Korean operatives.

According to the Treasury, Nguyen converted about $2.5 million into cryptocurrency between mid-2023 and mid-2025. The funds included earnings from workers tied to Amnokgang Technology Development Company.

Network activities across several countries

Investigators said the network operated across multiple countries. Activities were linked to North Korea, Vietnam, Laos, and Spain.

Another designated individual, Hoang Van Nguyen, allegedly helped a previously sanctioned North Korean procurement facilitator. Authorities say he assisted with bank account openings and cryptocurrency transactions.

Officials also reported that he helped arrange a counterfeit cigarette transaction worth more than $200,000 in 2022.

Sanctions were also placed on Yun Song Guk, a North Korean national managing IT workers in Boten, Laos since at least 2023.

The Treasury said several cryptocurrency wallets tied to the network were added to the sanctions list. These addresses include wallets on Ethereum, TRON, and Bitcoin networks.

The post US Targets DPRK IT Facilitators Over Crypto Use In $800 Million Scheme appeared first on CoinCentral.