The U.S. Treasury Department’s sanctions regulator added the North Korean national song Kum Hyok to its “specially designated national” list, calling him a “malicious online actor” linked to North Korean hacker groups.
The Office of Foreign Assets Control moved to the global financial system on Tuesday to block songs and believes that he worked to place other North Korean officials among IT workers. These IT workers then send funds back to North Korea and, in some cases, find ways to exploit the companies they develop to create additional revenue.
These types of schemes have been severely hit, with many major thefts occurring due to the efforts of North Korean hackers.
“DPRK generates substantial revenue by deploying IT workers to obtain jobs in companies around the world, including technology and virtual currency industries,” a press release on Tuesday said.
Encryption investigators and analysts at the end of last month zachxbt “Multiple projects… have been exploited, probably due to the hiring of North Korean IT workers as developers.
Although Tuesday’s Treasury release mentioned past crypto projects, it did not name any specific projects and did not include any crypto wallets in its sanctions list. It does point out that the department has previously approved the Lazarus Group, and investigators have been closely linked to various cryptocurrency hacks over the past few years, including $625 million theft From Axie Infinity and this year’s huge $1.5 billion hacker bybit.
“DPRK IT workers often work on projects involving virtual currencies, and they use virtual currency trading and trading platforms to manage their work on contracts and launder money and remittances to those funds,” the U.S. Treasury Department said Tuesday.
“Illegal Income Generation”
Ari Redbord, head of global policy and government affairs at TRM Labs, said the embedded IT workers “have become the postal service for illegal income generation and ultimately invasive activities, especially in the cryptocurrency space.”
“One notable aspect of today’s designation is the clear reference to North Korean IT workers doing business in China and Russia,” he said, adding that it shows “increasing unity” between North Korea and certain jurisdictions.
“This action is also suitable for a broader model,” he said. “In the last month, the Ministry of Finance has taken several steps to target North Korea’s use of IT workers to remit illegal gains back to Pyongyang, often laundering money through crypto exchanges and anonymous platforms.”
“The song represents the operational layer behind these schemes: not a hacker, but a promoter. This makes him equally important to interruptions. Building a network has been a focus of the Treasury over the past few months, and it is another example of a promoter,” Redbord added.
Read more: How North Korea penetrates the cryptocurrency industry
