US Offers $5 Million Bounty for Exposing N. Korean Hacker Jobs

The United States is offering a reward of up to $5 million for information that helps disrupt the employment scheme of North Korean hackers in remote IT positions within American companies.

The U.S. State Department announced this reward shortly after federal prosecutors charged Arizona resident Chapman. She is suspected of assisting North Koreans in securing employment in the U.S. from October 2020 to October 2023.

The “Rewards for Justice” (RFJ) program, managed by the Diplomatic Security Service, offers up to $5 million for information leading to the disruption of financial mechanisms supporting North Korea. The press release mentions North Korean IT workers using aliases such as  Jiho Han, Chunji Jin, and Haoran Xu, along with their manager, Zhonghua.

Volt Typhoon group

These individuals allegedly participated in a scheme allowing them to obtain illegal remote jobs in the U.S. by using the forged identities of more than 60 real American citizens.

“We encourage anyone with information on Jiho Han, Chunji Jin, Haoran Xu, Zhonghua, Christina Chapman, or associated individuals or entities to contact the Rewards for Justice office via its Tor-based tips-reporting channel,” the State Department stated.

According to the State Department, the aforementioned scheme has already brought North Korea at least $6.8 million. Chapman actively helped North Korean spies find jobs across various sectors of the American economy. Moreover, the hackers even attempted to gain employment at two U.S. government agencies, but their efforts were unsuccessful.

Four North Koreans, according to the investigation, are linked to the North Korean Military Industry Department, which oversees the development of ballistic missiles and weapons production.

As alleged in the indictment, Chapman and her co-conspirators committed fraud and stole the identities of American citizens to enable individuals based overseas to pose as domestic, remote IT workers,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division.

The charges in this case should be a wakeup call for American companies and government agencies that employ remote IT workers. These crimes benefitted the North Korean government, giving it a revenue stream and, in some instances, proprietary information stolen by the co-conspirators. The Criminal Division remains firm in its commitment to prosecute complex criminal schemes like this one.

According to media reports, North Korean IT workers have secretly worked in American companies for years, sending millions of dollars back to their homeland. They used stolen identities and social security numbers and paid American workers to conduct video interviews and conference calls.

In the spring of 2022, the FBI issued a warning that North Korea was deploying highly skilled IT specialists worldwide to generate revenue for the local government. By 2023, the FBI had seized 17 websites used by these workers to conceal their identities and secure employment in American companies.