cyber-crime
Matthew Isaac Knoot and Erick Ntekereze Prince will each do 18 months for hosting laptops used by North Korean IT workers to remotely infiltrate US companies
Playing host to company laptops used by North Korean scammers posing as American IT workers might earn you a cut of the cash Pyongyang siphons from US firms, but as two more suckers have learned, it also means taking the fall when the FBI figures out what’s going on.
Matthew Isaac Knoot, from Nashville, Tennessee, and Erick Ntekereze Prince, of New York, were each sentenced to 18 months in prison in separate cases, the Justice Department reported Wednesday. Prince and Knoot will also face three years and one year of supervised release, respectively, after their prison terms.
While the cases were different, the crimes were largely the same, with both Knoot and Prince misrepresenting themselves as either an American IT worker, or a company offering IT services performed by Americans, respectively. Both won jobs to perform IT work for US-based companies, and both provided space for company-owned laptops in their home or office, where remote access software was installed to allow North Koreans to work from overseas while appearing to be located in the States.
According to the DoJ, the pair generated more than $1.2 million in fraudulent revenue for North Korea, some of which was paid to them for their participation in the scheme. Knoot reportedly earned $15,100, which he will have to pay back as restitution to the companies and to the government; Prince will have to give back approximately $89,000 he got from Kim Jong Un’s government.
Between them, Prince and Knoot forced the nearly 70 US companies they victimized to spend $1.5 million to audit and remediate their devices, systems, and networks to eliminate all traces of the Nork intruders.
The pair are the latest to find themselves facing the wrath of the Justice Department for enabling North Korea’s fake IT worker scheme, which has been wildly successful. According to the most recent data from earlier this year, North Korean IT worker schemes are raking in more than $500 million a year for the Kim regime. That number doesn’t include any monetary value of data stolen from those organizations, either.
These scams have broadened their reach, too. Once confined to the realm of big tech, they’ve also been found in the healthcare, finance, and professional services spaces as well, as all present ripe opportunities for harvesting valuable data along with scoring money for the government.
Knoot and Prince got off easy compared to some of the previous folks sentenced for aiding North Korea’s schemes, though. Kejia Wang and Zhenxing Wang were jailed for a combined 200 months when sentenced last month, though to be fair their operation was larger, their takes greater, and their targets more prominent.
Regardless of the amount of time, the FBI said that the latest sentences should serve as a reminder that helping North Korea run its IT worker scam isn’t a good idea no matter how much they offer to pay.
“These cases should leave no doubt that Americans who choose to facilitate these schemes will be identified and held accountable,” FBI cyber division assistant director Brett Leatherman wrote in the announcement. “Hosting laptops for DPRK IT workers is a federal crime which directly impacts our national security, and these sentences should serve as a warning to anyone considering it.” ®
