WASHINGTON:
US prosecutors
on Thursday announced the arrests of an American woman and a Ukrainian man they say helped North Korea-linked IT workers posing as Americans to obtain
remote-work jobs
at hundreds of
US companies
.
The US department of justice (DoJ) said the elaborate scheme, aimed at generating revenue for
North Korea
in contravention of international sanctions, involved the infiltration of more than 300 US firms, including Fortune 500 companies and banks, and the theft of the identities of more than 60 Americans.
A DoJ statement said the overseas IT workers also attempted to gain employment and access to information at two US govt agencies. An earlier state department statement said the scheme had generated at least $6.8 million for North Korea. It said the North Koreans involved were linked to North Korea’s munitions industry department, which oversees development of the country’s ballistic missiles, weapons production, and research and development programmes.
An indictment filed in federal court in Washington last week and unsealed on Thursday said charges had been filed against Christina Marie Chapman, 49, of Litchfield Park, Arizona; Ukrainian Oleksandr Didenko, 27, of Kyiv; and three other foreign nationals. A justice department statement said Chapman was arrested Wednesday, while Didenko was arrested on May 7 by Poland at the request of US, which is seeking his extradition.
The head of the justice department’s criminal division, Nicole Argentieri, said the alleged crimes “benefited the North Korean govt, giving it a revenue stream and, in some instances, proprietary information stolen by the co-conspirators.” The charges “should be a wakeup call for American companies and govt agencies that employ remote IT workers,” she said in the statement.
The DoJ said Didenko was accused of creating fake accounts at US IT job search platforms, selling them to overseas IT workers, some of whom he believed were North Korean. It said overseas IT workers using Didenko’s services were also working with Chapman. Didenko’s online domain, upworksell.com, was seized Thursday by the justice department, the statement said. The DoJ statement said the FBI executed search warrants for US-based “laptop farms” – residences that hosted multiple laptops for overseas IT workers. It said that through these farms, including one Chapman hosted from her home, US-based facilitators logged onto US firm computer networks and allowed the overseas IT workers to remotely access the laptops, using US IP addresses to make it appear they were in the US.
North Korea is under UN sanctions aimed at cutting funding for its missile and nuclear weapons programmes and experts say it has sought to generate income illicitly.