The U.S. Department of Justice and FBI have dismantled a large-scale North Korean cyber espionage and fraud scheme involving remote IT workers impersonating American tech employees. From 2021 to 2024, North Korean operatives used stolen identities of over 80 Americans to secure remote positions at more than 100 U.S. companies, including Fortune 500 firms and defense contractors. These workers operated through nearly 30 "laptop farms" across 16 states, enabling them to steal millions of dollars, including nearly $1 million in cryptocurrency from an Atlanta-based blockchain startup. The scheme also involved embedding malware and stealing sensitive data, including military technology, to fund North Korea's weapons programs. Authorities arrested a U.S. national in New Jersey who allegedly hosted one such laptop farm and charged four North Korean nationals with wire fraud and money laundering. The Justice Department seized 29 bank accounts, took down 21 fake websites, confiscated over 200 devices, and froze approximately $7.74 million linked to the operation. In addition, the U.S. Treasury Department sanctioned North Korean cyber actor Song Kum Hyok and several Russian individuals and companies connected to the scheme. These sanctions target those who facilitated the infiltration of U.S. firms, including crypto startups, to launder stolen funds and support the Kim Jong Un regime. The coordinated crackdown highlights the use of AI tools by North Korean operatives to forge documents, voices, and LinkedIn profiles to evade detection and maintain access to lucrative remote IT jobs.