This could be the plot of a new Netflix fictional series, but it’s real life: A man has been arrested in Tennessee for reportedly raising money for North Korea’s weapons program by assisting North Korean workers in posing as U.S. citizens to launder money.
Matthew Isaac Knoot, 38, operated a “laptop farm” from his residences in Nashville. The farm provided North Koreans with access to U.S. internet connections, making them appear as if they were working from the U.S. rather than China, where they were actually located, as reported by CNN Politics.
A White House official stated that approximately 50% of North Korea’s missile program has been financed through cyberattacks and theft of cryptocurrency, per CNN.
Here is more of what CNN had to report on this developing security threat:
A Tennessee man has been arrested for allegedly working to raise money for North Korea’s weapons program, the Justice Department said on Thursday.
Matthew Isaac Knoot, 38, is accused of helping North Korean workers “pose as a US citizen” as part of a scheme to gain employment at American and British tech companies, and of conspiring to launder money earned by the workers to financial accounts tied to North Korean and Chinese individuals, the Justice Department said.
Knoot also allegedly ran a “laptop farm” from his residences in Nashville that granted the North Koreans access to US internet connections to make it appear as if they were logging into work from the US rather than China, where they were based, according to prosecutors.
The scheme defrauded unnamed US media, tech and financial companies, ultimately costing them hundreds of thousands of dollars in damages, the department said.
Knoot’s case is allegedly just the latest example of a phenomenon that US national security officials have been trying to thwart for years: Thousands of North Korean overseas IT workers are trying to subvert sanctions and send hundreds of millions of dollars back to Pyongyang each year.
Some of those IT workers work closely with North Korean hackers, who are also a rich source of revenue for the regime, according to experts. About half of North Korea’s missile program has been funded by cyberattacks and cryptocurrency theft, a White House official said last year.
The IT workers associated with Knoot were paid over $250,000 for their work between about July 2022 and August 2023, much of which was falsely reported to the IRS and the Social Security Administration in the name of another person’s stolen identity, the Justice Department said.
CNN could not immediately identify an attorney for Knoot.
It’s the second time in three months that an American has been charged with allegedly helping facilitate a wide-ranging North Korean fraud scheme. The Justice Department in May charged an Arizona woman with participating in a similar scheme that helped foreign IT workers pose as Americans and earn $6.8 million in revenue that could benefit the North Korean regime.