Four North Korean citizens face federal charges for orchestrating a crypto hack operation that netted over $915,000 from American and Serbian technology companies.
The Department of Justice announced the indictments against Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju, and Chang Nam Il on wire fraud and money laundering allegations.
The defendants allegedly used fraudulent identification documents to conceal their North Korean nationality while seeking remote employment opportunities. Federal prosecutors claim the scheme targeted blockchain development companies that would have refused to hire North Korean workers due to sanctions restrictions.
According to court documents, the operation began in October 2019 when the four suspects traveled to the United Arab Emirates using legitimate North Korean passports. They established a base of operations while preparing false documentation for their infiltration attempts.
Trusted employees turned internal threats
Kim Kwang Jin secured employment with an Atlanta-based blockchain research company in December 2020 using stolen identity information belonging to a victim identified as “P.S.” Meanwhile, Jong Pong Ju joined a Serbian virtual token company in May 2021 under the alias “Bryan Cho.”
Both defendants provided their employers with falsified identification documents containing mixtures of stolen and fabricated personal information. Jong Pong Ju later recommended “Peter Xiao” for employment at the Serbian company, who was actually Chang Nam Il operating under another false identity.
The suspects gained access to their employers’ cryptocurrency assets through legitimate work assignments. Jong Pong Ju exploited his position in February 2022 to steal virtual currency worth approximately $175,000 at the time of the theft.
Kim Kwang Jin executed a larger theft in March 2022, stealing crypto valued at roughly $740,000 by modifying smart contract source code. This technical manipulation allowed him to redirect funds from company wallets to accounts under his control.
The money laundering operation involved transferring stolen funds through cryptocurrency mixers to obscure transaction trails. Kang Tae Bok and Chang Nam Il controlled exchange accounts opened using fraudulent Malaysian identification documents to receive the laundered proceeds.
U.S. Attorney Theodore Hertzberg emphasized the threat posed by North Korean remote workers seeking to exploit American companies.
