Public watchlist entries require official sanctions, law-enforcement, court, or equivalent public-source backing.
信頼ルール
国籍のみで判断しません。未検証の公開告発は扱いません。証拠は審査まで非公開です。
Reports enter a moderation queue and are not published until approved with sufficient evidence.
No nationality-only screening, ethnicity proxies, forced slogans, or political loyalty tests.
質問票
アクセス権限を増やす前に、観察された不正指標を確認します。
観察した事実だけを選択してください。結果はリスク分類であり、公的な告発ではありません。
運用文言は機械支援翻訳です。法務、制裁、雇用判断では英語原文と専門家の確認を優先してください。
ソフト面接質問
候補者自身の主張に結びつく場合だけ使ってください。
一貫性、ライブ本人性、検証可能な経歴を確認します。国籍テストではありません。
韓国背景を主張する場合
- 作業環境、勤務時間、通信手段、給与/KYC経路、端末受け取り方法を具体的に説明してもらいます。
- 学校や雇用主は候補者提供の連絡先だけでなく独立した連絡先で確認します。
ライブ一貫性確認
- ポリシー上可能ならカメラをオンにし、最近の作業サンプルを説明してもらいます。
- 服装や外見ではなく、同一人物性と主張の一貫性だけを確認します。
韓国語レビュー
- 韓国語の方言、語彙、専門用語は韓国ネイティブのレビューを使えます。
- アクセントだけで判断せず、他の記録と合わせて扱います。
Operational playbook
Useful in real hiring, vendor review, and incident response.
Before interview
Verify identity, education, employment, sanctions status, and vendor controls through independent channels.
Before equipment ships
Ship only to verified addresses, use MDM, block unauthorized remote access, and delay repository access.
Before production access
Use least privilege, watch for impossible travel, review payout mismatches, and log source-control activity.
If signals appear
Preserve evidence, pause access, involve counsel/compliance, and report through IC3 or the right authority.
非公開報告受付
報告は審査待ちになります。公的または検証可能な証拠なしに公開されません。
Need native South Korean review for Korean-language, dialect, vocabulary, or claimed-background consistency? Contact dev.koriel@gmail.com.
公的公開事例
公開項目は FBI、DOJ、OFAC などの公的情報に限定されます。
FBI wanted: fraudulent remote IT worker team tied to blockchain theft
DOJ says four DPRK nationals used false or stolen identities to obtain remote IT roles and allegedly stole more than $900,000 in virtual currency from two companies.
4 listed people/entities
Kim Kwang Jin aka P.S.Kang Tae Bok aka Wong Shao OnnJong Pong Ju aka Bryan ChoChang Nam Il aka Bong Chee Shen, Peter Xiao
- False or stolen identities
- Remote IT roles at crypto companies
- Smart contract/source-code access
- Tornado Cash laundering allegations
FBI wanted: multi-year remote IT worker fraud case
DOJ says the defendants and co-conspirators obtained work from at least 64 U.S. companies, generated at least $866,255 from 10 companies, and laundered proceeds through a Chinese bank account.
2 listed people/entities
Jin Sung-IlPak Jin-Song
- Forged and stolen identity documents
- Laptop farm facilitation
- U.S. company remote jobs
- Money laundering allegations
Fourteen DPRK nationals indicted in Yanbian Silverstar / Volasys Silverstar scheme
DOJ says the group worked for DPRK-controlled Yanbian Silverstar and Volasys Silverstar, using false, stolen, and borrowed identities to obtain remote IT work and launder revenue.
14 listed people/entities
Jong Song HwaRi Kyong SikKim Ryu SongRim Un CholKim Mu RimCho Chung PomHyon Chol SongSon Un CholSok Kwang HyokChoe Jong YongKo Chung SokKim Ye WonJong Kyong CholJang Chol Myong
- False, stolen, and borrowed identities
- Front companies
- Remote work contracts
- Revenue laundering allegations
Official record, no official photo published here
OFAC sanctions: Chinyong Information Technology Cooperation Company and Kim Sang Man
OFAC sanctioned Chinyong and Kim Sang Man for roles tied to DPRK overseas IT worker delegations, revenue generation, and cryptocurrency payments.
2 listed people/entities
Chinyong Information Technology Cooperation Company aka Jinyong IT Cooperation CompanyKim Sang Man
- DPRK IT worker delegations
- Russia and Laos operations
- Cryptocurrency payment flows
- Sanctions designation
Official record, no official photo published here
DOJ charged Foreign Trade Bank representative Sim Hyon Sop in crypto laundering conspiracies
DOJ says Sim allegedly conspired with North Korean IT workers to launder proceeds from illegal IT development work at blockchain companies.
1 listed people/entities
Sim Hyon Sop aka Sim
- Blockchain development companies
- Stablecoin and virtual currency payments
- FTB-linked laundering allegations
- Sanctions evasion
Official record, no official photo published here
OFAC 2026 sanctions: facilitators and entities tied to DPRK IT worker fraud
OFAC designated six individuals and two entities for roles in DPRK IT worker schemes, including currency conversion, IT worker coordination, and facilitation services.
8 listed people/entities
Amnokgang Technology Development CompanyNguyen Quang VietQuangvietdnbg International Services Company LimitedDo Phi KhanhHoang Van NguyenYun Song GukHoang Minh QuangYork Louis Celestino Herrera
- Currency conversion
- IT worker coordination
- Freelance IT contracts
- Sanctions designation
Official record, no official photo published here
DOJ sentencing: U.S.-based laptop farms that helped DPRK IT workers pose as U.S. residents
DOJ says the defendants operated laptop farms that helped North Korean remote IT workers pose as U.S. residents, use stolen identities, and obtain work from more than 100 U.S. companies.
2 listed people/entities
Kejia WangZhenxing Wang aka Danny Wang
- Laptop farms
- Stolen identities
- U.S.-resident impersonation
- More than 100 victim companies
Official record, no official photo published here
Christina Marie Chapman laptop farm scheme
DOJ says Chapman assisted DPRK IT workers posing as U.S. residents, helped them work at 309 U.S. companies, and generated more than $17 million in illicit revenue.
1 listed people/entities
Christina Marie Chapman
- Laptop farm
- Stolen U.S. identities
- 309 U.S. companies
- Payroll and check laundering
Official record, no official photo published here
U.S. facilitators who provided identities, hosted laptops, and passed vetting steps
DOJ says the defendants provided U.S. identities, hosted victim company laptops, installed remote access software, and helped overseas IT workers pass employer vetting.
3 listed people/entities
Audricus PhagnasayJason SalazarAlexander Paul Travis
- Identity lending
- Laptop hosting
- Unauthorized remote access software
- Drug-test substitution
Official record, no official photo published here
Oleksandr Didenko identity and account marketplace
DOJ says Didenko stole U.S. identities and sold them to overseas IT workers, including DPRK IT workers, so they could fraudulently gain employment at 40 U.S. companies.
1 listed people/entities
Oleksandr Didenko aka Alexander Didenko
- Stolen identity marketplace
- Freelance platform accounts
- Money-service accounts
- 40 U.S. companies
Official record, no official photo published here
Taggcar and facilitator indictment tied to 64-company remote IT worker scheme
DOJ says the facilitators helped obtain work for DPRK IT workers from more than 64 U.S. companies; Erick Ntekereze Prince later pleaded guilty to wire fraud conspiracy.
3 listed people/entities
Pedro Ernesto Alonso De Los ReyesErick Ntekereze PrinceEmanuel Ashtor
- Staffing-vendor facilitation
- False and stolen identities
- Laptop farm
- 64 U.S. companies
Official record, no official photo published here
OFAC Department 53 / Laos IT worker network
OFAC says Department 53 and front companies maintained DPRK IT worker delegations in Laos and used aliases to generate revenue from IT projects including crypto exchanges, web apps, and mobile apps.
6 listed people/entities
Department 53 of the Ministry of the People's Armed ForcesKorea Osong Shipping Co aka OsongChonsurim Trading Corporation aka ChonsurimJong In CholSon Kyong SikLiaoning China Trade Industry Co., Ltd aka Liaoning China Trade
- Laos IT worker delegations
- Aliases with clients
- Crypto exchange development
- Equipment supply network
Official record, no official photo published here
OFAC Korea Sobaeksu IT worker and procurement network
OFAC says Sobaeksu and associated individuals helped evade sanctions and generate revenue through fraudulent IT worker schemes and related procurement activity.
4 listed people/entities
Korea Sobaeksu Trading Company aka Sobaeksu United CorporationKim Se UnJo Kyong HunMyong Chol Min
- IT worker deployment
- Vietnam-linked revenue activity
- Cryptocurrency and financial coordination
- Sanctions evasion
Official record, no official photo published here
OFAC Chinyong-linked payment and front-company network
OFAC says Andreyev and Kim Ung Sun facilitated hundreds of thousands of dollars in transfers for Chinyong, while Shenyang Geumpungri and Sinjin supported DPRK IT worker revenue generation.
4 listed people/entities
Vitaliy Sergeyevich AndreyevKim Ung SunShenyang Geumpungri Network Technology Co., Ltd aka Shenyang GeumpungriKorea Sinjin Trading Corporation aka Sinjin General Trading Corporation
- Crypto-to-cash conversion
- Chinyong-linked front company
- DPRK IT worker delegation
- Sanctions designation
Official record, no official photo published here
OFAC bankers and KMCTC IT delegation network
OFAC says DPRK bankers helped manage cryptocurrency funds and that KMCTC operated IT worker delegations from Shenyang and Dandong using banking proxies.
5 listed people/entities
Jang Kuk CholHo Jong SonKorea Mangyongdae Computer Technology Company aka KMCTCU Yong SuRyujong Credit Bank
- Cryptocurrency fund management
- IT worker delegations in China
- Banking proxies
- Sanctions designation
出典
Primary references used for Kimchi Canary controls.
U.S. Treasury OFAC, U.S. State Department, FBI · 2022-05-16
Guidance on the Democratic People's Republic of Korea Information Technology Workers
Baseline red flags and due diligence measures for avoiding inadvertent hiring of DPRK IT workers.
ODNI CTIIC / FBI IC3 · 2023-10-18
North Korean Tactics, Techniques, and Procedures for Revenue Generation
Updated indicators for fraudulent documents, proxy accounts, remote desktop use, and crypto payments.
FBI · 2025-01-23
North Korean IT Workers Conducting Data Extortion
Guidance on data theft, repository copying, session abuse, AI video, and remote hiring controls.
FBI IC3 · 2025-07-23
North Korean IT Worker Threats to U.S. Businesses
Public guidance on U.S.-based facilitators, laptop farms, report channels, and vendor exposure.
U.S. Department of Justice · 2025-06-30
Justice Department Announces Coordinated, Nationwide Actions to Combat North Korean Remote IT Workers
Charges, searches, account/domain seizures, and alleged blockchain-company crypto thefts.
U.S. Treasury OFAC · 2026-03-12
Treasury Sanctions Facilitators of DPRK IT Worker Fraud Targeting U.S. Businesses
Sanctions against facilitators and entities tied to DPRK IT worker fraud networks.
U.S. Department of Justice · 2026-04-15
Two U.S. Nationals Sentenced for Facilitating Fraudulent Remote Information Technology Worker Scheme
Sentencing announcement for U.S.-based laptop farm facilitators tied to DPRK remote IT worker fraud.
U.S. Department of Justice · 2025-07-24
Arizona Woman Sentenced in $17M IT Worker Fraud Scheme
Sentencing announcement for a U.S.-based laptop farm scheme involving more than 300 companies.
U.S. Department of Justice · 2025-11-14
Justice Department Announces Nationwide Actions to Combat Illicit North Korean Government Revenue Generation
Guilty pleas by U.S. and Ukrainian facilitators of DPRK remote IT worker schemes.
U.S. Treasury OFAC · 2025-01-16
Treasury Targets IT Worker Network Generating Revenue for DPRK Weapons Programs
OFAC designations for Department 53, front companies, supervisors, and equipment suppliers.
U.S. Treasury OFAC · 2025-07-24
Treasury Sanctions Clandestine IT Worker Network Funding the DPRK's Weapons Programs
OFAC designations for Korea Sobaeksu Trading Company and associated individuals.
U.S. Treasury OFAC · 2025-08-27
Treasury Sanctions Fraud Network Funding DPRK Weapons Programs
OFAC designations for a Chinyong-linked IT worker payment and front-company network.
U.S. Treasury OFAC · 2025-11-04
Treasury Sanctions DPRK Bankers and Institutions Involved in Laundering Cybercrime Proceeds and IT Worker Funds
OFAC designations tied to cybercrime proceeds, IT worker funds, and DPRK IT delegations.
U.S. Treasury OFAC · 2023-05-23
Treasury Targets DPRK Malicious Cyber and Illicit IT Worker Activities
U.S. Department of Justice · 2023-04-24
North Korean Foreign Trade Bank Representative Charged in Crypto Laundering Conspiracies