FBI Accuses 14 North Korean Nationals of Involvement in Massive Fraud Scheme

The FBI has charged 14 North Koreans in an $88 million fraud scheme targeting U.S. entities, raising concerns about the security of remote IT hiring practices.

At a Glance

14 North Korean IT workers were charged with funneling $88 million to fund weapons programs.
The suspects are accused of identity theft, extortion, and sophisticated fraud against U.S. companies.
The FBI released a wanted poster and offered a $5 million reward for information leading to arrests.
Companies are urged to carefully vet remote IT hires and verify identities.

North Korean IT Workers Indicted in Massive Fraud Scheme

The FBI has charged 14 North Korean nationals with orchestrating a complex fraud scheme that targeted U.S. entities, amassing approximately $88 million over six years. The indictment, issued by a federal court in St. Louis, Missouri, accuses these individuals of posing as American IT professionals to secure remote jobs with U.S. companies and nonprofits.

The elaborate scheme allegedly involved identity theft, extortion, and sophisticated fraud techniques. The accused allegedly used stolen identities to gain employment, with some even enlisting Americans to allow access to their Wi-Fi or to pose as the workers during interviews. This strategy enabled them to funnel wages back to North Korea, presumably to finance the country’s weapons development programs.

#FBI St. Louis investigated the case with assistance from our Cyber Division at FBI HQ.https://t.co/khlJy704KP

— FBI St. Louis (@FBIStLouis) December 13, 2024

Charges and Potential Consequences

The indictment outlines several serious charges against the 14 defendants, including wire fraud, money laundering, and identity theft. Additionally, they face accusations of conspiracy to violate the International Emergency Economic Powers Act. Eight of the conspirators are confronting further charges of aggravated identity theft, which could result in severe legal repercussions if they are found guilty.

The potential penalties for these crimes are substantial, with some defendants facing up to 27 years in prison. However, prosecution may prove challenging as most of the accused are believed to be in North Korea, beyond the immediate reach of U.S. law enforcement.

FBI’s Ongoing Investigation and Preventive Measures

The FBI has been working for two years to disrupt this group’s activities. Their efforts have resulted in the seizure of significant amounts of money and internet domains associated with the scheme. To further their investigation, the U.S. State Department is offering a $5 million reward for information leading to the arrest of these individuals.

“If your company has hired fully remote IT workers, more likely than not, you have hired or at least interviewed a North Korean national working on behalf of the North Korean government,” Ashley T. Johnson of the FBI warned.

In light of these revelations, the FBI is urging companies to exercise extreme caution when hiring remote IT professionals. They recommend thorough vetting processes and identity verification to mitigate the risk of inadvertently employing North Korean operatives.

“One of the ways to help minimize your risk is to insist current and future IT workers appear on camera as often as possible if they are fully remote,” Johnson advised.

Broader Implications and Ongoing Efforts

This case is part of a larger effort by the Justice Department to disrupt North Korean criminal schemes that support its regime. In 2021, North Korean programmers were charged with global cyberattacks for profit, and a 2022 advisory warned of North Koreans posing as foreign nationals for employment.

The FBI continues to target not only the foreign operatives but also domestic enablers of the scheme. They encourage anyone with information to contact them or submit a tip online, emphasizing the importance of vigilance in the face of these sophisticated international fraud operations.