Washington moved to strangle a key money stream for North Korea on Thursday, as the U.S. Treasury rolled out sanctions on six people and two companies accused of running sham information-technology worker operations that quietly funneled cash back to Pyongyang. Officials say the networks helped generate nearly $800 million in 2024, leaning on stolen identities, fake paperwork and U.S.-based “laptop farm” setups to win contracts from legitimate firms.
According to the U.S. Department of the Treasury, the Office of Foreign Assets Control has designated Amnokgang Technology Development Company and accused Vietnam-based Quangvietdnbg International Services CEO Nguyen Quang Viet of converting roughly $2.5 million into cryptocurrency for North Korean interests between mid-2023 and mid-2025. Secretary of the Treasury Scott Bessent said the move is meant to sever networks that “target American companies” and emphasized that the department will “follow the money” to hold enablers accountable.
In parallel action, the Justice Department said recent prosecutions and civil-forfeiture cases have produced guilty pleas, arrests and the seizure of more than $15 million in virtual currency tied to North Korean cyber theft and laundering. The department also described multi-state searches of suspected “laptop farms” and warned that identity brokers and U.S.-based proxies were central to making the fraud work.
How the schemes worked
Investigators say the playbook typically relied on stolen or fabricated identities, offshore intermediaries and company laptops parked in U.S. residences to make overseas workers appear domestic, according to federal guidance. The FBI’s public service announcement flags warning signs such as repeated logins from widely separated IP addresses, recycled phone numbers and questionable interview video, while OFAC’s advisory lays out how DPRK IT delegations operate and channel their wages back to Pyongyang; see the FBI PSA and OFAC advisory for specific indicators.
Legal implications
OFAC designations block any U.S. property or transactions tied to the listed individuals and entities and create compliance obligations for banks, contractors and other vendors, the Treasury explains. The Justice Department has also signaled potential criminal exposure for people who launder proceeds, open sham accounts or knowingly provide material support to such schemes.
For U.S. companies and hiring managers, federal guidance urges tougher identity verification, tighter onboarding checks and ongoing monitoring of remote-worker access. Anyone who suspects they have been targeted or victimized can submit tips to the FBI’s IC3 and consult Treasury’s information on designated persons for further details.
