Matthew Isaac Knoot, a 38-year-old man from Tennessee, has been charged for helping North Korea fund its weapons of mass destruction program.
Knoot has allegedly been running a complex scheme for years, funneling hundreds of thousands of dollars to foreign actors, namely, North Korea.
He helped trick American and British companies into hiring IT workers from North Korea.
“Knoot assisted them in using a stolen identity to pose as a US citizen, hosted company laptops at his residences, downloaded and installed software without authorization on such laptops to facilitate access and perpetuate the deception, and conspired to launder payments for the remote IT work, including to accounts tied to North Korean and Chinese actors,” the Department of Justice said.
In an attempt to avoid sanctions and get funds for its weapons of mass destruction program, North Korea has been dispatching thousands of IT workers overseas for years.
The US warns that this is a growing threat, and companies should remain vigilant when hiring remote IT workers. North Koreans use “pseudonymous email, social media, payment platform and online job site accounts, as well as false websites, proxy computers, and witting and unwitting third parties located in the United States and elsewhere.”
One such worker earns up to $300,000 a year, which means hundreds of millions of dollars are flowing to the regime every year. Entities such as the North Korean Ministry of Defense collect the money to fund their weapon programs.
Knoot allegedly helped trick and defraud US media, tech, and finance companies. They believed they were hiring a US citizen – Andrew M., whose identity was, in fact, stolen. The scheme caused firms hundreds of thousands of dollars in damages.
When hired as a freelancer, “Andrew M.” would receive a laptop from his employer. Since many firms hired him, Knoot, running the scheme, received so many computers that he built a “laptop farm” at his Nashville residences.
The defendant logged on to all of them, downloaded and installed unauthorized remote desktop applications. These applications masked the fraudster's whereabouts – while it appeared that Andrew M. was working from his home in Nashville, it was actually the North Korean IT workers logging on to devices from different locations in China.
On behalf of Andrew M., a victim of identity theft, the overseas IT workers declared that they received over $250,000 for their work to the Internal Revenue Service and the Social Security Administration.
Meanwhile, the damage caused to the victim companies that hired North Korean workers is estimated at $500,000.
Knoot faces up to 20 years in prison.
Your email address will not be published. Required fields are markedmarked