Federal authorities have discovered numerous plans by North Korea to finance its regime by conducting remote information technology (IT) work for U.S. firms. This investigation has led to two indictments, as well as the confiscation of tech and financial resources, and one arrest.

The Department of Justice announced on Monday that North Korean operatives were assisted by collaborators in the U.S., China, the United Arab Emirates, and Taiwan to secure jobs with over 100 American companies, including those among the Fortune 500.

In one particular scheme, individuals within the U.S. set up front companies and fake websites to make remote workers appear credible. They also operated laptop farms that allowed North Korean IT workers to remotely use laptops provided by these companies.

In another scheme, IT workers in North Korea used false identities to gain employment with a blockchain research and development company in Atlanta, Georgia, and steal virtual currency worth over $900,000.

Inside a courtroom with gavel in plain view.  (iStock)

The indictment alleges the four defendants traveled to the United Arab Emirates on North Korean travel documents and worked as a co-located team.

Jin and Ju were also allegedly hired by a blockchain research and development company in Atlanta, and a virtual token company based in Serbia.

While hired, Jin and Ju hid their North Korean identities from their employers and provided false identification documents, the DOJ alleged.

Both defendants ultimately earned the trust of their employers and allegedly stole hundreds of thousands of dollars from them in multiple instances. The funds were then laundered and transferred to accounts held by Bok and Nam, which were allegedly opened fraudulently using Malaysian identification documents.

During the investigation, the FBI executed searches of 21 premises across 14 states that were hosting known and suspected laptop farms. During the execution, the FBI seized 137 laptops.