The Department of Justice recently announced the indictment of five individuals, two of whom are North Korean nationals, for engaging in a fraudulent scheme that caused U.S. companies to hire remote information technology (“IT”) workers, thus generating revenue for the Democratic People’s Republic of Korea (“DPRK” or “North Korea”). Federal prosecutors in the Southern District of Florida indicted North Korean nationals Jin Sung-Il and Pak Jin-Song, Mexican national Pedro Ernesto Alonso De Los Reyes, and U.S. nationals Erick Ntekereze Prince and Emanuel Ashtor for their roles in the scheme. Jin and Pak have been charged with violating the International Emergency Economic Powers Act (“IEEPA”), and all five defendants have been charged with conspiracy to commit wire fraud and mail fraud and conspiracy to commit money laundering, among other charges. Ntekereze and Ashtor were arrested in the United States, and Alonso was arrested in the Netherlands pursuant to an arrest warrant from the U.S. Government. Information on the whereabouts of Jin and Pak was not provided.
According to the indictment, from approximately April 2018 to August 2024, the defendants worked with unindicted co-conspirators to enable Jin, Pak and other North Korean co-conspirators to obtain employment with U.S. companies, in violation of U.S. sanctions and other laws. Ntekereze and Ashtor allegedly received laptops at their residences from U.S. employers and, without authorization, installed remote access software on the laptops to enable the IT workers to access the companies’ data. In furtherance of the scheme, the defendants concealed the true identities of Jin, Pak and others by using forged and stolen identity documents, and then conspired to launder the payments received for the remote IT work through a variety of accounts to conceal the proceeds. Federal prosecutors allege that, over the course of the scheme, the defendants deceived at least sixty-four U.S. companies, ten of which generated at least $866,255 in revenue that was eventually laundered through a Chinese bank account.
An FBI spokesperson indicated that the indictments demonstrate the risk that the North Korean government poses to all American companies and urged any company that had questions or concerns regarding this threat to reach out to their local FBI field office. On January 23, 2025, the FBI also issued a new public service announcement on North Korean IT worker threat to raise public awareness and update guidance previously issued by the U.S. government in May 2022, October 2023, and May 2024.