DOJ Seizes Over $7.74 Million in North Korean Crypto Laundering Crackdown

• A civil forfeiture complaint was filed for approximately $7.75 million laundered on behalf of the North Korean government.
• The funds were initially restrained in connection with a 2023 indictment for conspiring with North Korean IT workers. 
• North Korean operatives secured jobs under false pretenses and compromised sensitive U.S. company data.

The U.S. Department of Justice (DOJ) has taken decisive action against North Korea's exploitation of the cryptocurrency ecosystem, filing a civil forfeiture complaint in the District of Columbia for more than $7.74 million laundered on behalf of the North Korean government. 

According to recent DOJ announcements, the funds were initially restrained in connection with a 2023 indictment against Sim Hyon Sop, a Foreign Trade Bank representative, for conspiring with North Korean IT workers. 

These workers, operating globally—including in China and Russia—used fraudulent identities and sophisticated obfuscation techniques to secure remote employment with U.S. and international blockchain companies. 

Salaries, often paid in stablecoins such as USDC and USDT, were then laundered using a variety of tactics, including chain hopping, token swapping, purchasing NFTs, and utilizing U.S.-based accounts to legitimize transactions. 

Ultimately, these assets were funneled back to the regime, evading U.S. sanctions and fueling North Korea’s military priorities.

The perpetrators manipulated due diligence checks with stolen or fictitious documentation, highlighting the need for robust identity verification and vigilance among organizations hiring remote workers.

This action is part of the broader DOJ “DPRK RevGen” initiative, with prior enforcement steps in 2024 and early 2025 that have targeted both U.S.-based enablers and their North Korean conspirators. 

Ongoing advisories from the FBI, State, and Treasury departments continue to warn businesses about tactics and indicators associated with North Korean IT worker fraud and outline mitigations to enhance organizational resilience against such advanced persistent threats.