The Treasury Department on Tuesday announced it has sanctioned a North Korean man participating in the widespread IT worker scheme, as well as others in a Russia-based IT worker operation that allegedly benefits the government of North Korea.
It’s the second time in as many weeks that feds have taken action against people it says are associated with the IT worker scam — which benefits the illicit aims of the Democratic People’s Republic of Korea — following last week’s arrest, indictments and seizures.
“Today’s action underscores the importance of vigilance on the DPRK’s continued efforts to clandestinely fund its WMD and ballistic missile programs,” Deputy Secretary of the Treasury Michael Faulkender said in a news release.
Treasury’s Office of Foreign Assets Control levied the sanctions against Song Kum Hyok, whom it said was associated with the North Korea government-linked hacking group Andariel, also known as Onyx Sleet. That hacker outfit is thought to be a subset of the umbrella Lazarus Group.
“Song facilitated an information technology (IT) worker scheme in which individuals, often DPRK nationals working from countries such as China and Russia, were recruited and provided with falsified identities and nationalities to obtain employment at unwitting companies to generate revenue for the DPRK regime,” a Treasury press release states. “In some cases, these DPRK IT workers have been known to introduce malware into company networks for additional exploitation.”
It also levied sanctions against Gayk Asatryan, a Russian man whom the department said used his Russia-based companies to employ North Korean IT workers. Treasury additionally sanctioned four companies, two of which are his: Songkwang Trading, which the agency said Asatryan had signed a deal to dispatch 30 IT workers to his company Asatryan LLC, as well as Saenal Trading, which signed a deal to dispatch 50 IT workers to Fortuna LLC.
It marks the third time Treasury has issued sanctions related to North Korean hackers.
The post Treasury slaps sanctions on people, companies tied to North Korean IT worker schemes appeared first on CyberScoop.