US Crypto Startup Loses $900,000 Due to North Korean Infiltration

The US Department of Justice charged four North Korean nationals with stealing $900,000 from an Atlanta-based blockchain startup, where they had posed as IT specialists. They face five counts of wire fraud and money laundering.

The individuals initially operated as a team in the UAE before infiltrating American and Serbian crypto firms as remote employees. After gaining trust, they stole $175,000 and $740,000 in two separate incidents in 2022.

The funds were laundered through mixers and exchanges using fake identification documents.

Authorities believe the employment scheme is part of North Korea’s long-term strategy to fund its weapons programs.

In comments to Decrypt, Chainalysis experts noted that during interviews, the perpetrators present “fake documents” and carefully “mask their North Korean connections.” Crypto companies seeking candidates for remote positions often skip the background check stage.

“[North Korean employees initially work off] compensation to the regime, then patiently wait for opportunities to access additional funds from the Web3 company they infiltrated,” analysts explained.

In early June, US authorities conducted raids in 16 states, seizing 29 financial accounts, 21 fraudulent websites, and around 200 computers. These served as remote access points, allowing North Korean agents to alter smart contracts and steal cryptocurrency, creating the appearance of operating from the US. This scheme netted North Korea “tens of millions of dollars.”

Previously, ForkLog reported that a North Korean hacker attempted to infiltrate the ranks of crypto exchange Kraken’s developers by posing as a candidate for an engineering position.