US announces seizure of 17 website domains used by North Korea IT workers

The United States said on Wednesday it has seized 17 website domains used by North Korean information technology workers in a scheme to allegedly defraud businesses, evade sanctions and fund the development of North Korea's weapons program.

The seizures took place on Tuesday pursuant to a court order in Missouri, the U.S. Justice Department said in a statement.

The United States has alleged that North Korea oversees thousands of IT workers around the world, primarily located in China and Russia, with the aim of deceiving U.S. and other businesses worldwide into hiring them as freelance IT workers, in order to generate revenue for its weapons of mass destruction and ballistic missiles programs.

North Korea has "flooded the global marketplace with ill-intentioned information technology workers to indirectly fund its ballistic missile program," the Justice Department said on Wednesday, urging employers to be cautious.

The United States and South Korea in May announced new North Korea sanctions related to thousands of IT workers they accused of hiding their identities, locations and nationalities and using forged documentation to apply for jobs. They allegedly help fund Pyongyang's weapons programs, according to Washington.

In the past, the U.S. State Department has warned that hiring North Korean IT workers could also lead to incidents of intellectual property theft.

The seizures of the 17 website domains followed previously sealed court-authorized seizures in October 2022 and January 2023 of about $1.5 million of revenue the same group of IT workers collected from unwitting victims as a result of their scheme, the Justice Department said on Wednesday.

The agency said public-private information sharing partnerships had also been developed that denied the North Korean IT workers access to their preferred online freelance work and payment service providers.