- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
US Treasury Sanctions Alleged $800 Million North Korean IT Worker Fraud Operation
Six North Korean individuals and two entities were hit with U.S. sanctions over an alleged crypto-fueled fraud scheme targeting U.S. firms.
Mar. 13, 2026 at 4:37pm
Got story updates? Submit your updates here. ›
The U.S. Treasury Department has sanctioned six individuals and two entities linked to a North Korean government scheme that allegedly used fraudulent IT workers to infiltrate American companies and funnel hundreds of millions of dollars to Pyongyang's weapons programs. The scheme generated nearly $800 million in 2024 alone, according to the Treasury's Office of Foreign Assets Control (OFAC).
Why it matters
This action is part of a broader crackdown by the U.S. government on North Korea's overseas revenue networks that are funding its nuclear and ballistic missile programs in violation of American and United Nations sanctions. The Treasury Department is seeking to protect U.S. businesses from these malicious activities and hold those responsible accountable.
The details
North Korean IT workers typically use stolen identities, fake personas, and forged documents to secure remote employment with U.S. and allied companies. The regime then siphons the majority of their wages to fund its weapons programs. In some cases, workers have also planted malware inside company networks to steal proprietary data. The individuals sanctioned operated across multiple countries, including Vietnam, Laos, and Spain.
- The scheme generated nearly $800 million in 2024 alone.
- The sanctions were announced on March 13, 2026.
The players
U.S. Treasury Department
The U.S. government agency that imposed the sanctions on the North Korean individuals and entities.
Office of Foreign Assets Control (OFAC)
The Treasury Department's division that announced the sanctions as part of a broader crackdown on North Korea's overseas revenue networks.
Scott Bessent
The Treasury Secretary who stated that the North Korean regime targets American companies through deceptive schemes carried out by its overseas IT operatives.
North Korean IT workers
Individuals who used stolen identities, fake personas, and forged documents to secure remote employment with U.S. and allied companies, and then siphoned the majority of their wages to fund North Korea's weapons programs.
Vietnamese businessman
An individual who allegedly converted approximately $2.5 million into cryptocurrency for North Korean operatives between 2023 and 2025.
What they’re saying
“The North Korean regime targets American companies through deceptive schemes carried out by its overseas IT operatives, who weaponize sensitive data and extort businesses for substantial payments.”
— Scott Bessent, Treasury Secretary
What’s next
The U.S. government will continue to monitor and crack down on North Korea's overseas revenue networks that are funding its weapons programs in violation of sanctions.
The takeaway
This sanctions action highlights the ongoing threat posed by North Korean cyber-enabled financial crime targeting U.S. companies, and the U.S. government's efforts to disrupt these illicit revenue streams that are fueling Pyongyang's nuclear and missile programs.
Washington top stories
Washington events
Mar. 24, 2026
Disney's Beauty and the Beast (Touring)
Mar. 24, 2026
Inherit the Wind
Mar. 24, 2026
Midnight Til Morning - World Tour 2026