According to the U.S. Department of Justice, the group used fake and stolen identities to secure jobs at firms in Georgia and Serbia between 2020 and 2021.
Once inside, they allegedly exploited system access to drain roughly $915,000 worth of digital assets, which were then laundered through crypto mixers and exchange accounts created with fraudulent documents.
Authorities say the accused—operating initially from the UAE—used their positions to alter code and reroute funds, tactics that reflect a growing trend in North Korea’s digital espionage and revenue generation.
The DOJ’s broader initiative targeting these schemes, known as DPRK RevGen, has also led to coordinated raids on “laptop farms” and other assets used to mimic U.S.-based activity.
Officials warn that these crypto-enabled operations support North Korea’s weapons development programs, and are becoming increasingly difficult to detect as attackers blend into the global freelance tech workforce using digital aliases and remote access tools.
Source: https://coindoo.com/north-korean-agents-exploited-remote-blockchain-jobs-to-steal-nearly-1m-in-crypto/