The US Treasury sanctioned Song Kum Hyok for attempting to hack the Treasury Department and posing as an IT worker to gather secret data for North Korea. Song is affiliated with Andariel, known for ransomware attacks and funding digital intrusions globally. From 2022 to 2023, he allegedly used stolen US identities to help foreign tech workers apply for jobs in the US while channeling revenue back to North Korea. Additionally, a Russian national, Gayk Asatryan, was sanctioned for employing North Korean IT workers through his companies.
The US Treasury has imposed sanctions on 38-year-old Song Kum Hyok, a North Korean accused of attempting to hack the Treasury Department and posing as an IT worker to collect revenue and secret data for Pyongyang.
Andariel is the cyber-arm of North Korea's military intelligence agency, and its members infected US hospitals with ransomware, laundered the proceeds, and then used them to fund digital intrusions into defense, technology, and government entities worldwide.
Song played a key role in the fake IT worker scheme, hiring foreign techies to seek remote employment with US-based companies and then splitting the income with them while sending a portion back to North Korea.
Treasury remains committed to using all available tools to disrupt the Kim regime's efforts to circumvent sanctions through its digital asset theft, attempted impersonation of Americans, and malicious cyber-attacks.
Collection
[
|
...
]