The US Treasury has sanctioned two individuals and four entities linked to a North Korean IT worker ring accused of infiltrating cryptocurrency companies to fund the country’s missile programs. The Treasury’s Office of Foreign Assets Control (OFAC) announced the sanctions on Tuesday, stating that the network aimed to steal personal data, impersonate Americans, and embed operatives within US crypto firms under false identities. Song Kum Hyok, a North Korea-based operative, was sanctioned for allegedly using stolen identities of US citizens to assist North Korean IT workers in securing jobs at American companies . Russian national Gayk Asatryan was also sanctioned for employing dozens of North Korean IT workers under contracts with North Korean trading firms, expanding the network’s reach through his companies. Funding Missiles Through Crypto Work According to OFAC, North Korea has deployed thousands of skilled IT workers globally, primarily in China and Russia, to generate revenue for its ballistic missile program. These workers often target employers in wealthier countries using mainstream and industry-specific networking platforms to secure positions under fraudulent identities. “Treasury remains committed to using all available tools to disrupt the Kim regime’s efforts to circumvent sanctions through its digital asset theft, attempted impersonation of Americans, and malicious cyber-attacks,” said Treasury Deputy Secretary Michael Faulkender. The sanctions freeze all US-based assets connected to Song, Asatryan, and the four sanctioned Russian entities. US individuals and businesses are now prohibited from engaging in any financial transactions or business with the designated individuals and entities, under threat of civil and criminal penalties. North Korean Operations Shift Tactics Away From Hacks While North Korea has historically been linked to high-profile crypto hacks , including the $1.5 billion Bybit exploit in February, blockchain intelligence firm TRM Labs noted a shift in tactics. The firm stated that while exchange breaches remain significant, North Korean operations are increasingly moving toward deception-based methods, including infiltration by IT workers posing as legitimate employees. TRM Labs estimates that North Korea-linked actors were responsible for $1.6 billion of the $2.1 billion stolen in 75 crypto hacks and exploits in the first half of 2025. US authorities have also been ramping up efforts to dismantle these networks. On June 30, four North Korean nationals were charged with wire fraud and money laundering for posing as remote workers at blockchain companies. Earlier in June, the Department of Justice moved to seize $7.74 million in crypto linked to North Korean IT workers using fake identities while working as remote contractors in the blockchain sector. The post US Treasury Sanctions North Korean IT Worker Network Infiltrating Crypto Firms appeared first on TheCoinrise.com .