DPRK IT Workers Inside North Korea’s Crypto Laundering Network
Recent enforcement actions include OFAC sanctions in August targeting a Russian national who facilitated payments to DPRK-based Chinyong Information Technology Cooperation Company (Chinyong), also known as Jinyong IT Cooperation Company, which was sanctioned by OFAC and South Korea’s Ministry of Foreign Affairs (MOFA) in May 2023 for employing DPRK IT workers abroad.
This blog will explore the operations, networks, and mechanisms by which DPRK IT workers facilitate their revenue generation and laundering processes. By understanding these networks, law enforcement, regulators, and the private industry can be better equipped to detect IT worker activity on-chain and disrupt flows to the DPRK’s weapons of mass destruction (WMD) program.
Advisories issued by the HM Treasury’s Office of Financial Sanctions Implementation (OFSI) and the Federal Bureau of Investigation (FBI)’s Internet Crime Complaint Center on DPRK IT workers highlight red flags for the private sector to monitor and identify these risks. The advisories include: inconsistent identity, location or credentials; anonymizing infrastructure; irregular payment flows; and behaviour that signals concealment. By looking for these on-chain and off-chain indicators, IT industry stakeholders can play a pivotal role in disrupting the financial pipelines that sustain these actors.
To read the complete article see: