OFAC designated Song Kum Hyok, a DPRK-based cyber actor affiliated with Andariel, for helping North Korean IT workers obtain remote employment through falsified identities and U.S. personal information. The scheme placed workers in technology, Web3, software development, and blockchain roles from locations including China and Russia, generating revenue for the Kim regime through stablecoin payments and other digital assets. The excerpt links related DOJ and FBI action to more than $7.7 million in crypto, NFTs, and digital assets tied to laundering networks using centralized exchanges, self-hosted wallets, Russian and UAE-based infrastructure, and fake personas such as “Joshua Palmer” and “Alex Hong.” TRM also reports that North Korea accounted for about $1.6 billion of more than $2.1 billion stolen in H1 2025 crypto hacks, driven largely by the Bybit theft, while deception-based IT worker infiltration continues to expand.