The U.S. Treasury Department has imposed sanctions on two individuals and four entities, accusing them of being involved in a network of IT workers operated by North Korea that infiltrates cryptocurrency companies for exploitation.

The Treasury's Office of Foreign Assets Control (OFAC) announced on Tuesday (July 8) that they sanctioned North Korean national Song Jin-ho, who allegedly stole information from U.S. citizens to create false identities and provided this information to foreign IT workers he employed, enabling them to seek employment opportunities at U.S. companies.

OFAC also sanctioned Russian national Gaiq Asatryan, accusing him of employing dozens of North Korean IT workers through his company, based on long-term agreements he signed with North Korean trading companies starting in 2024.

The number of fraudulent tech workers associated with North Korea is steadily increasing, and they are expanding their infiltration efforts. A report released by Google in April found that the infrastructure for such schemes is now global.

Deputy Treasury Secretary Michael Fulkender stated, "The Treasury will continue to utilize all available tools to prevent the Kim regime from evading sanctions through digital asset theft, attempts to impersonate Americans, and malicious cyberattacks."

According to OFAC, North Korea aims to generate revenue for its ballistic missile program by deploying thousands of highly skilled IT workers globally, primarily concentrated in China and Russia.

OFAC noted that this team primarily targets employers in wealthier countries and operates using various mainstream and industry-specific online platforms.

These sanctions mean that all U.S. assets related to Asatryan, Song Jin-ho, and the four Russian entities named simultaneously will be frozen. Additionally, any financial transactions or business dealings with them by individuals within the U.S. are now illegal, with violators facing civil and criminal penalties.

North Korea is notorious for its high-profile hacking attacks, including activities by teams such as the Lazarus Group, which is responsible for some of the largest cryptocurrency hacking incidents in history, such as the $1.5 billion Bybit exploit in February.

However, blockchain intelligence firm TRM Labs noted on Tuesday (July 8) that North Korea is beginning to shift its tactics.

"While exchange hacks remain an important method, North Korean-related operations are increasingly turning to fraud-based revenue generation methods, including IT worker infiltration activities," the company stated.

TRM Labs estimates that of the $2.1 billion stolen in 75 cryptocurrency hacks and exploits in the first half of 2025, North Korean-related bad actors are responsible for $1.6 billion of that.

U.S. authorities have been ramping up their crackdown on North Korean fraudulent IT worker schemes this year.

On June 30, four North Korean nationals were formally charged with telecommunications fraud and money laundering for impersonating remote workers for U.S. and Serbian blockchain companies.

Meanwhile, the U.S. Department of Justice announced on June 5 that it is taking action to seize $7.74 million worth of frozen cryptocurrency assets, reportedly obtained illegally by North Korean IT workers using false identities to work as remote contractors in blockchain companies.

Related: Truth Social files S-1 for "crypto blue-chip ETF" tracking BTC, ETH, SOL, CRO, XRP

Original: “U.S. Sanctions North Korean Tech Worker Organization Involved in Cryptocurrency Theft”

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。