The U.S. Treasury sanctioned eight individuals and two entities accused of laundering proceeds from North Korean cybercrime and IT‑worker schemes that help fund Pyongyang's weapons programs. OFAC says North Korean actors stole more than $3 billion in the last three years using advanced malware and social engineering. Named targets include two bankers tied to roughly $5.3 million in cryptocurrency, an IT firm alleged to operate overseas worker delegations, and Ryujong Credit Bank for laundering foreign‑currency earnings. The action builds on prior U.S. measures and cites an international report warning of the DPRK's highly sophisticated cybercrime program.
U.S. Treasury Sanctions North Korean Money‑Laundering Network Tied to $3B in Cybercrime
The U.S. Treasury sanctioned eight individuals and two entities accused of laundering proceeds from North Korean cybercrime and IT‑worker schemes that help fund Pyongyang's weapons programs. OFAC says North Korean actors stole more than $3 billion in the last three years using advanced malware and social engineering. Named targets include two bankers tied to roughly $5.3 million in cryptocurrency, an IT firm alleged to operate overseas worker delegations, and Ryujong Credit Bank for laundering foreign‑currency earnings. The action builds on prior U.S. measures and cites an international report warning of the DPRK's highly sophisticated cybercrime program.
10:47, 05.11.2025Security
U.S. Treasury Sanctions North Korean Officials and Firms Over Cybercrime Laundering
The U.S. Treasury Department announced sanctions Tuesday targeting eight individuals and two entities accused of laundering proceeds from North Korean cybercrime and schemes that funnel wages from overseas IT workers back to Pyongyang to support its weapons programs.
In a statement, the Treasury's Office of Foreign Assets Control (OFAC) said North Korean actors have stolen more than $3 billion over the past three years by using advanced malware, social‑engineering tactics and other sophisticated methods to breach financial systems and cryptocurrency platforms.
John K. Hurley, Under Secretary for Terrorism and Financial Intelligence: "North Korean state‑sponsored hackers steal and launder money to fund the regime's nuclear weapons program. By generating revenue for Pyongyang's weapons development, these actors directly threaten U.S. and global security."
OFAC named specific targets, including bankers Jang Kuk Chol and Ho Jong Son, who are accused of managing illicit funds — including roughly $5.3 million in cryptocurrency, some of which has been linked to ransomware that previously targeted U.S. victims. Korea Mangyongdae Computer Technology Co. and its president, U Yong Su, were designated for allegedly organizing delegations of IT workers from the Chinese cities of Shenyang and Dandong. Ryujong Credit Bank was accused of laundering foreign‑currency earnings and moving money on behalf of sanctioned North Korean entities. Six other individuals were identified as facilitators of money transfers.
Under the sanctions, all property and interests in property of the designated individuals and entities that fall under U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from dealing with them. Financial institutions that engage with the sanctioned parties may face enforcement action.
This action builds on earlier U.S. measures this year. In July, the State Department sanctioned Song Kum Hyok of the Andariel hacking group for operating remote IT‑worker programs that funneled wages back to Pyongyang. The Justice Department has also filed criminal charges in 16 states related to schemes that placed North Korean IT workers in U.S. companies.
OFAC cited an October report from an 11‑country Multilateral Sanctions Monitoring Team that described North Korea's cybercrime apparatus as "a full‑spectrum, national program operating at a sophistication approaching the cyber programs of China and Russia." The report said much of the DPRK's malicious cyber activity, cybercrime, laundering and IT work is carried out under the supervision and for the benefit of entities already sanctioned by the United Nations for their role in the country's unlawful WMD and ballistic missile programs.
The sanctions were announced shortly after President Donald Trump's recent trip to South Korea, where a much‑anticipated meeting with North Korean leader Kim Jong Un did not take place. South Korea's National Intelligence Service told lawmakers that a summit might be scheduled following joint U.S.‑South Korean military drills planned for March, according to opposition lawmaker Lee Seong‑kweun.