U.S. Treasury has targeted North Korea’s financial handlers, sanctioning bankers who manage millions in stolen crypto. The department said the move aims to cripple the regime’s ability to convert crypto heists into usable currency for its weapons programs.
Summary
- U.S. Treasury sanctioned eight individuals and two entities tied to North Korea’s crypto laundering network.
- Officials say the DPRK stole over $3 billion, mainly in crypto, in three years to fund weapons programs.
On Nov. 4, the Department of the Treasury’s Office of Foreign Assets Control announced sanctions against eight individuals and two entities acting as critical financial conduits for North Korea.
The action targets bankers like Jang Kuk Chol and Ho Jong Son, who the department said managed millions in cryptocurrency on behalf of state-owned First Credit Bank.
This fund pool, which includes $5.3 million in crypto, has been directly linked to a known DPRK ransomware actor and revenue from the regime’s clandestine IT workers.
“North Korean state-sponsored hackers steal and launder money to fund the regime’s nuclear weapons program,” John K. Hurley, Under Secretary of the Treasury for Terrorism and Financial Intelligence, said. “By generating revenue for Pyongyang’s weapons development, these actors directly threaten U.S. and global security. Treasury will continue to pursue the facilitators and enablers behind these schemes to cut off the DPRK’s illicit revenue streams.”
North Korea’s vast global web of illicit finance
According to the Treasury, North Korea’s financial theft is conducted at a level “unmatched by any other country.” Over the past three years alone, the regime’s cyber actors have successfully stolen over $3 billion, with cryptocurrency being the primary target.
Those funds are laundered through mixers, shell companies, and exchanges before being converted into hard currency, allowing state-sponsored hackers to bypass global sanctions and sustain weapons development despite economic isolation.
U.S. officials pointed to North Korean IT workers as another linchpin in this revenue web. These individuals, located worldwide, hide their true identities and nationalities to earn hundreds of millions of dollars annually.
The scheme is remarkably sophisticated; Treasury notes these workers sometimes outsource their own projects, collaborating with unsuspecting foreign freelancers and splitting the revenue further to obscure the money trail back to North Korea.
More sanctions and implications
The Treasury sanctioned several China- and Russia-based representatives of DPRK financial institutions, including Ho Yong Chol, accused of facilitating over $85 million in transactions, and Jong Sung Hyok, the chief representative of the DPRK Foreign Trade Bank in Vladivostok.
Entities such as the Korea Mangyongdae Computer Technology Company, which runs IT worker cells in Chinese cities, and Ryujong Credit Bank were also targeted for their roles in sanctions evasion and money laundering.
As a result of these designations, all property and interests in property of the sanctioned entities and individuals within U.S. jurisdiction are now blocked.
U.S. persons are generally prohibited from engaging in any transactions with them, and foreign financial institutions that knowingly facilitate transactions for these designees risk exposing themselves to secondary sanctions.
Source link