WASHINGTON — The United States sanctioned two entities and eight individuals accused of helping North Korea launder money derived from cybercrime and information technology (IT) worker fraud schemes.
According to a statement issued by the U.S. Department of State today, the action targets Ryujong Credit Bank, a North Korea-based financial institution that allegedly facilitated sanctions-evasion activities between China and North Korea, and Korea Mangyongdae Computer Technology Company, an IT firm based in North Korean that operates IT workers in China, along with its president, U Yong Su.
Also designated were North Korean bankers Jang Kuk Chol and Ho Chong Son, who managed funds for the U.S.-designated First Credit Bank, including money tied to a ransomware group that previously targeted U.S. victims. In addition, five North Korean financial representatives—Ho Yong Chol, Han Hong Gil, Jong Sung Hyok, Choe Chun Pom, and Ri Jin Hyok—were sanctioned for helping the DPRK conduct financial transactions in violation of United Nations sanctions.
According to the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the designations block all property and interests in property belonging to the sanctioned parties that are in the United States or under the control of U.S. persons. The action also prohibits U.S. individuals and companies from engaging in any transactions with them and warns that foreign financial institutions that knowingly facilitate such dealings risk being cut off from the U.S. financial system. The Treasury Department said the measures are intended to disrupt North Korea’s access to hard currency and its ability to use global financial networks to launder stolen cryptocurrency and fund weapons development.
The sanctions follow findings by the Multilateral Sanctions Monitoring Team (MSMT), a coalition of 11 nations including the United States, Japan, Italy, South Korea, and the UK, which reported on October 22 that the Democratic People’s Republic of Korea’s (DPRK or North Korea) employs its cyber capabilities to circumvent UN sanctions and generate revenue for DPRK’s priorities, including the unlawful development of it weapons of mass destruction (WMD) and ballistic missile programs.
According to the report, North Korean cyber actors stole at least $1.19 billion in cryptocurrency from companies worldwide in 2024. From January to September 2025, DPRK cyber actors stole $1.65 billion “owing predominately to the theft of $1.4 billion from the cryptocurrency exchange Bybit in February.”
“DPRK cyber actors use a diverse array of cryptocurrency services registered in UN Member State jurisdictions around the world to launder stolen cryptocurrency before ultimately attempting to convert it into fiat currency,” the report states. “The DPRK relies upon networks of North Korean nationals abroad and foreign-based facilitators, including in China, Russia, Argentina, Cambodia, Vietnam, and the United Arab Emirates, to launder stolen digital assets into fiat currency for procurement activities and for funding its unlawful WMD and ballistic missile programs.”
The Multilateral Sanctions Monitoring Team (MSMT) member states also found that the DPRK, including the UN-designated, state-controlled Korea Mining Development Trading Corporation, used cryptocurrency as a means of payment and sale to more easily evade and violate UN sanctions. “During the reporting period, DPRK officials were found to have used a type of cryptocurrency known as a stablecoin for procurement-related transactions, including the sale and transfer of military equipment and raw materials such as copper, which is used in munitions production,” the report stated.
“The United States strongly condemns the activities of entities associated with the DPRK, including those supporting the DPRK’s WMD and ballistic missile programs in violation of multiple UN Security Council resolutions (UNSCRs) and enabling associated sanctions-evasion activities,” the State Department said in its statement issued today. The agency emphasized that North Korea’s use of cybercrime and overseas IT work to generate revenue for its weapons programs “poses a threat to our citizens, international security, and the global digital economy.”
The U.S. Department of State added: “Today’s actions reaffirm our commitment to hold accountable those who target U.S. citizens and benefit the DPRK’s unlawful weapons programs. We stand alongside the other MSMT participating states in remaining committed to strengthening collective resilience against such threats.”
