{"id":14421,"date":"2025-07-10T00:43:34","date_gmt":"2025-07-10T00:43:34","guid":{"rendered":"https:\/\/newestek.com\/?p=14421"},"modified":"2025-07-10T00:43:34","modified_gmt":"2025-07-10T00:43:34","slug":"us-treasury-department-sanctions-individuals-and-entities-over-illegal-it-worker-scheme","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=14421","title":{"rendered":"US Treasury Department sanctions individuals and entities over illegal IT worker scheme"},"content":{"rendered":"
\n
\n
\n
\n
\n
\n
<\/div>\n<\/section>\n

The US Department of the Treasury\u2019s Office of Foreign Assets Control (OFAC) Tuesday imposed sanctions on two individuals and four companies involved in schemes to provide US companies with illegal remote IT workers whose income would, it said, generate revenue for the Democratic People\u2019s Republic of Korea (DPRK) regime.<\/p>\n

Song Kum Hyok, described as a \u201cmalicious cyber actor\u201d associated with the already sanctioned DPRK Reconnaissance General Bureau hacking group Andariel, was sanctioned for facilitating the scheme. OFAC said that in 2022 and 2023, Song created aliases for foreign workers using the names, Social Security numbers, and addresses of US individuals, which the workers then used to pose as US applicants looking for remote jobs. \u00a0<\/p>\n

In addition, Russian national Gayk Asatryan, who OFAC said has used his Russia-based companies to employ DPRK IT workers, was sanctioned for \u201chaving attempted to engage in, facilitate, or be responsible for the exportation of workers from North Korea, including exportation to generate revenue for the Government of North Korea or Workers\u2019 Party of Korea,\u201d OFAC\u2019s announcement<\/a> said.<\/p>\n

OFAC noted that in 2024 Asatryan signed a 10-year contract with DPRK\u2019s Korea Songkwang Trading General Corp. to hire up to 30 DPRK IT workers to work in Russia for his company, Asatryan Limited Liability Co. He also signed a contract with Korea Saenal Trading Corp., another DPRK company, to hire 50 DPRK IT workers for his company, Fortuna Limited Liability Co.<\/p>\n

OFAC said that Asatryan\u2019s two companies were sanctioned \u201cfor being owned or controlled by or acting or purporting to act for or on behalf of, directly or indirectly, Asatryan, a person whose property and interests in property are blocked.\u201d Songkwang Trading and Saenal Trading were also designated \u201cfor being North Korean persons, including North Korean persons that have engaged in commercial activity that generates revenue for the Government of North Korea or Workers\u2019 Party of Korea.\u201d<\/p>\n

\u201cThese sanctions against the DPRK-Russian fake IT worker pipeline are a significant step toward closing a long-standing gap in remote-work security,\u201d said Fritz Jean-Louis, principal cybersecurity advisor at Info-Tech Research Group. \u201cBy adding these key brokers to the SDN [US Specially Designated Nationals and Blocked Persons] list, the government has instantly frozen any payments that might flow through Russian front companies or crypto rails to North Korean developers, thereby cutting off a revenue stream that Pyongyang has relied on. They also raise the bar for corporate due diligence, as the IT worker scheme worked primarily because many organizations hired remote contractors on little more than a resume and a US PayPal address.\u201d<\/p>\n

Ongoing crackdown with caveats for hiring companies<\/h2>\n

These actions are the latest efforts in the US government\u2019s battle to stop DPRK\u2019s illegal activities<\/a>. Last month, the Justice Department\u2019s major sweep<\/a> across 16 states seized laptops, financial accounts, and websites associated with the illegal remote IT worker scheme, and the FBI and Defense Criminal Investigative Service (DCIS) also took action.<\/p>\n

The latest sanctions mean that any property in the US, or possessed or controlled by US persons, in which the sanctioned individuals hold interest are blocked, and must be reported to OFAC, and unless authorized, \u201cOFAC\u2019s regulations<\/a> generally prohibit all transactions by US persons or within (or transiting) the United States that involve any property or interests in property of blocked persons,\u201d OFAC said in the announcement.\u00a0The regulations also forbid \u201cany contribution or provision of funds, goods, or services\u201d either directed to the blocked persons, or being received from them.<\/p>\n

\u201cThese sanctions draw clear liability boundaries and nudge organizations towards stronger vetting without broad new regulations,\u201d Jean-Louis noted. \u201cA key risk to consider: If a US company unknowingly hires or pays a newly sanctioned contractor, the consequences can escalate quickly. OFAC violations are a strict liability, which means that intent does not matter, and civil fines can run up to significant amounts. Organizations can also face criminal penalties and loss of export privileges. Since OFAC is a US law with extraterritorial application, foreign organizations may do well to also consider potential exposure. An improper hire can turn into an expensive legal crisis overnight.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

The US Department of the Treasury\u2019s Office of Foreign Assets Control (OFAC) Tuesday imposed sanctions on two individuals and four companies involved in schemes to provide US companies with illegal remote IT workers whose income would, it said, generate revenue for the Democratic People\u2019s Republic of Korea (DPRK) regime. Song Kum Hyok, described as a \u201cmalicious cyber actor\u201d associated with the already sanctioned DPRK Reconnaissance… <\/p>\n

Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-14421","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/14421","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14421"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/14421\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}