Article Details

Five plead guilty to helping North Koreans infiltrate US firms. The U.S. Department of Justice announced that five individuals pleaded guilty to aiding North Korea’s illicit revenue generation schemes, including remote IT worker fraud and cryptocurrency theft. As part of this, the U.S. authorities announced actions seeking the forfeiture of $15 million in cryptocurrency from heists carried out by the APT38 threat group, which is linked to the Lazarus hacking group. The facilitators, four Americans and one Ukrainian, used their own, false, or stolen (from 18 U.S. persons) identities to make it possible for DPRK agents to be hired by American firms for remote work. The latter then funneled their salaries, as well as, in some cases, stolen data, to the North Korean government. According to the DOJ’s announcement, the actions of the five individuals affected 136 companies nationwide and generated over $2.2 million in revenue for the DPRK regime. The five people who pleaded guilty are: Didenko agreed to forfeit $570,000 in fiat currency and an additional $830,000 worth of cryptocurrency. The DOJ announcement also highlights two civil forfeiture complaints filed to seize amounts totaling over $15 million, which were stolen and laundered by North Korea’s APT38. The seized funds relate to four major incidents from 2023 targeting cryptocurrency exchange platforms based in Panama, Estonia, and Seychelles. In total, $382 million was stolen in these cyber-heists. APT38 has been laundering funds from these hacks via cryptocurrency bridges, mixers, exchanges, and OTC traders, and authorities have so far traced and seized $15 million, with work to intercept more underway. Secrets Security Cheat Sheet: From Sprawl to Control Whether you're cleaning up old keys or setting guardrails for AI-generated code, this guide helps your team build securely from the start. Get the cheat sheet and take the guesswork out of secrets management.