The Treasury Department has issued sanctions against individuals and businesses for their roles in assisting a fraudulent information technology worker scheme backed by North Korea.
The department’s Office of Foreign Assets Control issued the sanctions as part of the U.S.’ “whole of government” approach in targeting North Korea’s revenue-generating schemes, according to a statement released Wednesday. The Treasury Department said North Korean IT workers frequently conceal their true identities to secure employment at legitimate companies.
The North Korean government seizes the vast majority of the wages earned by its IT workers and uses the funds to “generate revenue for its illicit weapons of mass destruction and ballistic missile programs,” the statement said.
“The North Korean regime continues to target American businesses through fraud schemes involving its overseas IT workers, who steal data and demand ransom,” John K. Hurley, Treasury under secretary for terrorism and financial intelligence, said in a statement. “Under President Trump, Treasury is committed to protecting Americans from these schemes and holding the guilty accountable.”
The IT workers have also been recorded clandestinely uploading malware to the networks of private companies to retrieve private information.
Individuals and organizations named in the new round of sanctions include Vitaliy Sergeyevich Andreyev, Kim Ung-sun, Shenyang Geumpungri Network Technology Co. Ltd. and Korea Sinjin Trading Corp.
Mr. Andreyev is a Russian national who facilitates payments to the Chinyong Information Technology Cooperation Co., a sanctioned organization tied to North Korea’s defense ministry, the Treasury Department said. Since December 2024, Mr. Andreyev has worked with Mr. Kim to facilitate several financial transfers worth $600,000 by converting cryptocurrency into U.S. dollars.
The sanctions come as security experts, private companies and the U.S. government continue to sound the alarm over North Korean IT worker schemes. A CrowdStrike report in August indicates a 220% increase over the last year in North Korean workers securing fraudulent remote employment with Western companies, and documents 320 incidents.
Additionally, the State Department on Wednesday issued a joint statement with South Korea and Japan, expressing concerns over the spread of malicious activities tied to North Korean IT workers.
“Our three countries have taken coordinated actions to disrupt the North Korean IT worker threat. Today, Japan issues an update to its previous alert to provide detailed information on new tradecraft used by North Korean IT workers and advises private sector entities to mitigate the risk of inadvertently hiring, supporting, or outsourcing work to North Korean IT workers,” the State Department said in a statement. “The Republic of Korea issued advisories on North Korean IT worker activities to help companies avoid being targeted or victimized.”