The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions against eight individuals and two entities for their involvement in laundering funds from illicit activities linked to North Korea, including cybercrime and fraudulent information technology work.
“North Korean state-sponsored hackers steal and launder money to fund the regime’s nuclear weapons program,” said John K. Hurley, Under Secretary of the Treasury for Terrorism and Financial Intelligence. “By generating revenue for Pyongyang’s weapons development, these actors directly threaten U.S. and global security. Treasury will continue to pursue the facilitators and enablers behind these schemes to cut off the DPRK’s illicit revenue streams.”
A recent report by a Multilateral Sanctions Monitoring Team outlines how North Korean operations have supported funding for weapons of mass destruction programs through cyber activity and IT worker fraud. The government in Pyongyang reportedly directs hackers to raise funds using illegal methods, with affiliated groups stealing more than $3 billion over three years—primarily in cryptocurrency—using advanced techniques such as malware deployment and social engineering.
DPRK IT workers operate globally by concealing their identities or using false documentation to secure contracts on freelance platforms. They often partner with non-North Korean freelancers on projects, splitting profits while masking the true origin of funds.
Among those sanctioned are Jang Kuk Chol and Ho Jong Son, identified as North Korean bankers who managed funds—including $5.3 million in cryptocurrency—for First Credit Bank, which has been previously designated by OFAC. Some of these assets are linked to ransomware attacks targeting U.S. victims.
Korea Mangyongdae Computer Technology Company (KMCTC), an IT company based in North Korea with delegations operating out of Shenyang and Dandong in China, was also sanctioned along with its president U Yong Su. The company is accused of using Chinese nationals as banking proxies to disguise the origins of illicitly generated revenues.
The Ryujong Credit Bank, based in North Korea, was designated for providing financial support that helped avoid sanctions between China and North Korea, including facilitating money laundering activities related to overseas workers’ earnings.
Several representatives located in China or Russia were named: Ho Yong Chol facilitated transfers exceeding $2.5 million on behalf of Korea Daesong Bank; Han Hong Gil coordinated over $630,000 worth of transactions for Ryugyong Commercial Bank; Jong Sung Hyok serves as chief representative at DPRK Foreign Trade Bank’s Vladivostok office; Choe Chun Pom represented Central Bank of the DPRK in transactions exceeding $200,000; Ri Jin Hyok acted on behalf of a front company tied to Foreign Trade Bank handling over $350,000.
According to OFAC regulations resulting from these actions, all property belonging to those sanctioned within U.S jurisdiction is blocked and must be reported. Any entity owned 50 percent or more by blocked persons is also subject to blocking measures. U.S persons are generally prohibited from conducting transactions involving any designated parties unless authorized by OFAC.
Violating institutions or individuals risk exposure to additional sanctions or enforcement action if they conduct business with those targeted under today’s measures.
OFAC noted that while its ability to add individuals or entities to sanction lists is significant, it can also remove them if legal criteria are met—the ultimate aim being behavioral change rather than punishment.
