Security News > 2023 > May > US sanctions orgs behind North Korea’s ‘illicit’ IT worker army

The Treasury Department's Office of Foreign Assets Control announced sanctions today against four entities and one individual for their involvement in illicit IT worker schemes and cyberattacks generating revenue to finance North Korea's weapons development programs.

North Korea's illicit revenue generation strategy relies heavily on a massive "Army" of thousands of IT workers who hide their identities to get hired by companies overseas, the OFAC said in a press release published on Tuesday.

"The DPRK's extensive illicit cyber and IT worker operations threaten international security by financing the DPRK regime and its dangerous activities, including its unlawful weapons of mass destruction and ballistic missile programs."

Pyongyang University of Automation: responsible for the training of "Malicious cyber actors," many of which work for the Reconnaissance General Bureau The RGB's Technical Reconnaissance Bureau and the 110th Research Center cyber unit: involved in the development of malicious tools, the coordination of departments linked to North Korean threat actors like the notorious Lazarus Group, and cyberattacks targeting organizations in the United States and the Republic of Korea.

North Korean national Kim Sang Man: involved in the payment of salaries to family members of Chinyong's overseas IT worker delegations.

"Today's action continues to highlight the DPRK's extensive illicit cyber and IT worker operations, which finance the regime's unlawful weapons of mass destruction and ballistic missile programs," said Brian E. Nelson, the Treasury's Under Secretary for Terrorism and Financial Intelligence, today.

News URL

https://www.bleepingcomputer.com/news/security/us-sanctions-orgs-behind-north-koreas-illicit-it-worker-army/