North Korean authorities have criticized the US Department of Justice (DOJ), labeling its recent actions as an “absurd smear campaign.” This came after the DOJ claimed to have uncovered various schemes orchestrated by North Korea aimed at financing its government through remote IT work conducted by US firms.
This week, the DOJ revealed that North Korean operatives allegedly received help from individuals in the US, China, and Taiwan to secure jobs with over 100 US companies, including some Fortune 500 firms.
The alleged schemes involved companies providing laptops, which remote North Korean IT workers could then access, effectively allowing them to work unnoticed. In one notable case, these workers reportedly assumed false identities to land jobs at a blockchain research company in Atlanta, Georgia, where they stole over $900,000 in cryptocurrency.
As part of this announcement, the DOJ issued a five-count indictment against a US citizen, Senxing One, residing in New Jersey.
According to the DOJ, Wang and his associates earned over $5 million by obtaining remote IT jobs with these companies.
Additionally, several Chinese nationals—Jing Bin Huang, Baoyu Zhou, Tong Yuze, Yongzhe Xu, Ziyou Yuan, and Zhenbang Zhou—were indicted, along with Taiwanese citizens Li and Enchia Liu.
The indictment also includes Kezia “Tony” Wang, a US national from New Jersey.
The North Korean state-run agency KCNA reported that a spokesperson from the DPRK Ministry of Foreign Affairs condemned the actions of the US judiciary, asserting that these moves violate the rights of North Korean citizens under suspicion of cybercrime.
“This recent event represents an absurd smear campaign aimed at tarnishing our nation’s image. It’s just another continuation of the hostilities from successive US administrations, which have exaggerated the non-existent ‘cyber threat’ from North Korea,” the spokesperson stated.
Furthermore, the DPRK’s Foreign Office expressed serious concerns about US judicial provocations that threaten the safety and rights of its citizens, labeling them as unfounded “cyber” dramas.
The spokesperson accused the US of fostering “instability in international cyberspace,” rather than the DPRK being the culprit.
“For a long time, the US has posed a constant threat to the cybersecurity of North Korea and other sovereign nations, using cyberspace as a battleground and manipulating cyber issues for political gain,” they said.
There’s a recognition that the Democratic Republic of Korea has the right to protect its citizens from law enforcement actions that are politically motivated and to hold accountable those who act maliciously from the outside.
The DOJ’s indictment alleges that from 2021 to 2024, the defendants and their co-conspirators misappropriated identities of more than 80 individuals in the United States, landing remote jobs at over 100 firms. As a result, these companies incurred around $3 million in losses due to legal fees, network repairs, and other issues.
Kejia and Zhenxing, along with at least four other US accomplices, reportedly assisted overseas IT workers in this scheme.
They are accused of creating a shell company with a website and financial accounts to misrepresent that these overseas workers were connected to legitimate US businesses.
After establishing this setup, it is alleged that the duo collected funds from a US company, which were then funneled to overseas collaborators.
In return for their efforts, Kejia, Zhenxing, and the others received at least $696,000 from the IT workers.
Notably, one of the companies reportedly compromised was a defense contractor focused on AI technologies. The DOJ indicated that by accessing proprietary data, the conspirators potentially violated arms regulations.
The DOJ also mentioned that the FBI and Defense Crime Investigation Services seized 17 web domains tied to this operation and blocked 29 financial accounts linked to the North Korean regime that were utilized to launder funds.
In a related announcement, the DOJ issued fraud and money laundering indictments against five North Korean individuals: Kim Kwang Jin, Kang Taebok, Jeongbong JU, and Change Nam II. These suspects are accused of stealing over $900,000 in cryptocurrency from two companies and are being sought by the FBI.
