North Korean IT Workers Indicted in Elaborate “Laptop Farm” Scheme to Evade Sanctions

The U.S. Department of Justice has announced the indictment of five individuals, including North Korean nationals, for their involvement in a complex scheme to secure remote IT jobs at American companies. This operation, designed to generate illicit revenue for the North Korean regime, involved the use of stolen identities, forged documents, and a sophisticated “laptop farm” to deceive U.S. businesses.

“The Department of Justice remains committed to disrupting North Korea’s cyber-enabled sanctions-evading schemes, which seek to trick U.S. companies into funding the North Korean regime’s priorities, including its weapons programs,” stated Supervisory Official Devin DeBacker of the Justice Department’s National Security Division.

The indictment alleges that the defendants, including Jin Sung-Il and Pak Jin-Song from North Korea, Mexican national Pedro Ernesto Alonso De Los Reyes, and U.S. citizens Erick Ntekereze Prince and Emanuel Ashtor, fraudulently obtained employment at over sixty U.S. companies. They utilized stolen identities and forged documents to conceal their true nationalities and circumvent sanctions.

As part of the scheme, Ashtor operated a “laptop farm” at his residence in North Carolina. This operation involved receiving laptops from unsuspecting U.S. companies and installing remote access software, allowing North Korean IT workers to access the devices and perform the contracted work. This tactic was designed to deceive companies into believing they had hired U.S.-based employees.

“FBI investigation has uncovered a years-long plot to install North Korean IT workers as remote employees to generate revenue for the DPRK regime and evade sanctions,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division.

The defendants are accused of generating at least $866,255 in revenue, which was then laundered through a Chinese bank account. The indictment highlights a broader trend of North Korea deploying IT workers abroad to generate revenue for the regime, often using elaborate tactics to bypass sanctions and conceal their true identities.

Related Posts:

• $5 Million Reward Offered After Indictment of North Korean Cyber Operatives
• Dark Web Identity Farming Operation Exposed: A Sophisticated KYC Fraud