The U.S. Department of Justice (DOJ) has taken a significant step against North Korea’s illicit financial activities, which involve remote IT workers operating within American tech firms.

What Happened: The DOJ has announced a series of actions aimed at dismantling North Korea’s money-making operations, which are conducted by covert remote IT workers within U.S. tech companies. The funds generated are allegedly used to finance North Korea’s nuclear weapons program and for data and cryptocurrency theft. As per the DOJ, the fraud scheme impacted over 100 U.S. companies.

U.S. Attorney for the District of Massachusetts, Leah B. Foley, stated, “Thousands of North Korean cyber operatives have been trained and deployed by the regime to blend into the global digital workforce and systematically target U.S. companies.”

The DOJ’s crackdown resulted in the arrest and indictment of U.S. national Zhenxing “Danny” Wang and Keija Wang who are accused of running a long-standing fraud operation out of New Jersey—one that allegedly generated over $5 million for the North Korean regime.

They face charges of conspiracy to commit wire fraud, money laundering, and identity theft. Additionally, eight other individuals, including six Chinese nationals and two Taiwanese citizens, have been indicted for their involvement in the scheme.

Five North Korean nationals have been charged with wire fraud and money laundering for allegedly stealing over $900,000 in cryptocurrency from two unidentified companies by using fake or stolen identities, according to the Department of Justice.

SEE ALSO: Emmanuel Macron Calls Tariffs ‘Blackmail,’ White House Shoots Back Saying Trump Is ‘Doing What’s Right For Our People’

Why It Matters: North Korea’s use of remote IT workers to conduct illicit financial activities has been an ongoing concern. In May 2025, it was reported that Kim Jong Un‘s North Korea was infiltrating American businesses via remote jobs, with the help of unwitting U.S. citizens. This operation, run by a former waitress turned TikTok personality, saw North Korean workers overseas posing as U.S.-based tech employees and securing jobs at more than 300 American companies, collecting $17.1 million in pay.

Earlier in May, a report by cybersecurity firm DTEX revealed that North Korea’s cybercrime operations were being likened to a mafia organization controlled by Kim Jong Un. The operations involved a global network of North Korean technologists who infiltrated Fortune 500 companies and laundered money to support Kim’s nuclear and ballistic missile ambitions.

Despite these crackdowns, North Korea’s cybercrime operations have continued to thrive. In June 2025, it was reported that crypto hacks and exploits had surged to record levels, with total losses exceeding $2.1 billion across at least 75 incidents. The largest single event was the $1.5 billion hack of Dubai-based crypto exchange Bybit in February, which was attributed to North Korea.

Image via Shutterstock

Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.