- OFAC sanctioned six individuals and two firms tied to North Korean IT fraud schemes.
- North Korea’s IT schemes stole $800M in 2024, funding nuclear and missile programs.
- DPRK hackers stole $2.02B in crypto in 2025, nearly 60% of global crypto thefts.
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on March 12 sanctioned six individuals and two companies for running North Korean IT schemes that defrauded American businesses. These operations brought in nearly $800 million in 2024, money the DPRK used to fund its weapons of mass destruction programs.
Secretary of the Treasury Scott Bessent said, “The North Korean regime targets American companies through deceptive schemes carried out by its overseas IT operatives, who weaponize sensitive data and extort businesses for substantial payments.” The designations span North Korea, Vietnam, Laos, and Spain, exposing a global network of IT workers and enablers.
According to the press release, North Korea’s IT teams often use fake identities and forged documents to get real jobs at companies abroad. Most of the money these workers earn is taken by the regime and funneled into its nuclear and missile programs.
In some cases, these workers also sneak malware into company systems to steal sensitive information. OFAC’s sanctions aim to stop this flow of money and protect U.S. businesses, while helping allies defend against these hidden North Korean operations
Key Enablers Across Borders
Amnokgang Technology Development Company, a North Korean IT firm, manages groups of overseas IT workers and buys and sells military and commercial technology. In Vietnam, Nguyen Quang Viet helped convert around $2.5 million into cryptocurrency for North Koreans connected to Amnokgang.
Do Phi Khanh and Hoang Van Nguyen helped a sanctioned North Korean nuclear figure, Kim Se Un, by moving money and setting up bank accounts. In Laos, North Korean national Yun Song Guk manages freelance IT teams and oversees transactions above $70,000. Together, these individuals and companies keep North Korea’s illegal IT operations alive, openly violating U.S. and U.N. sanctions.
Sanctions and Crypto Risks
All property and money of the sanctioned individuals and companies in the U.S. have been frozen. Anyone who breaks these rules could face heavy fines or even criminal charges.
Additionally, according to Chainalysis, North Korean hackers stole $2.02 billion in cryptocurrency in 2025 alone, accounting for almost 60% of all crypto thefts worldwide.
Chainalysis warns that North Korea is now going for fewer attacks but much bigger targets. As a result, U.S. companies and international partners need to stay alert and improve their methods for detecting North Korea’s money-laundering and cyber schemes.
Related: North Korean Hackers Exploit Dev Device, Steal Millions in Crypto
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
Source: https://coinedition.com/ofac-targets-north-korean-it-scheme-defrauding-u-s-firms/
