Last updated:
Matthew Knoot from Nashville, Tennessee has been indicted under federal charges for allegedly aiding North Korea’s (DPRK) ballistic weapons programs in a massive IT jobs fraud scheme, a new U.S. Department of Justice press release reveals.
U.S. Department Of Justice Charges Tennessean Matthew Knoot
According to the press release, North Korea employs “thousands of skilled IT workers to live abroad” each year, where they can receive up to $300,000 annually. This salary is then funneled back to North Korea, where the Kim Jong Un-led country uses the funds to support its weapons of mass destruction (WMD) programs.
Between July 2022 and August 2023, Knoot reportedly ran a “laptop farm” that assisted several North Korean workers in obtaining illicit employment at U.S. and British tech companies, despite the companies believing they were hiring U.S. based employees.
“Knoot allegedly assisted them in using a stolen identity to pose as a U.S. citizen; hosted company laptops at his residences; downloaded and installed software without authorization on such laptops to facilitate access and perpetuate the deception; and conspired to launder payments for the remote IT work, including to accounts tied to North Korean and Chinese actors,” the press release reads.
The Nashville resident was purportedly paid an undisclosed amount of money for his role in the scheme on a monthly basis while his IT scheme cost victim companies over $500,000.
The indictment features a bevy of charges against Knoot, including aggravated identity theft and conspiracy to commit wire fraud, which would see the alleged Tennessee fraudster face up to two decades in federal prison.
“Today’s indictment, charging the defendant with facilitating a complex, multi-year scheme that funneled hundreds of thousands of dollars to foreign actors, is the most recent example of our office’s commitment to protecting the United States’ national security interests,” said U.S. Attorney Henry C. Leventis for the Middle District of Tennessee.
North Korea’s Crypto Connection
North Korea’s WMD programs have long been known to the world of cryptocurrencies, with the authoritarian state conducting several crypto-related hacks in recent years.
The country’s infamous hacking collective, Lazarus Group, has reportedly stolen over $3 billion worth of digital assets in the last six years alone.
Sinbad, a well-known crypto mixer used by the DPRK to obfuscate illicit activities, was sanctioned by the U.S. late last year.
Whether or not additional actors will be charged in the DPRK’s latest scheme remains to be seen.