The North Korean government, struggling under the weight of international sanctions, has for years seeded companies in the United States and elsewhere with remote tech workers camouflaged by false and stolen identifies to generate desperately needed revenue, federal prosecutors say.

联邦检察官表示，在国际制裁的重压下挣扎的朝鲜政府多年一直在向美国和其他国家的企业秘密派遣远程技术人员，他们利用虚假和盗用的身份为伪装，为朝鲜政权创造急需的收入。

Taking advantage of the global demand for skilled tech employees and the rise in remote employment, the North Korean regime has found a way to work around United Nations and United States sanctions imposed on it for its nuclear weapons program, the prosecutors said in two indictments unsealed in federal district courts in Massachusetts and Georgia. It has also used the access to steal both money and information, they said.

检察官在马萨诸塞州和佐治亚州联邦地方法院公布的两份起诉书中指出，朝鲜政权利用全球对熟练技术工作者的需求增长和远程就业的兴起，成功规避联合国和美国因其核武器计划而实施的制裁。起诉书说，朝鲜还利用这种途径窃取资金与情报。

“Thousands of North Korean cyber-operatives have been trained and deployed by the regime to blend into the global digital work force,” Leah Foley, the chief federal prosecutor in Massachusetts, said in announcing the charges on Monday. She called the threat “both real and immediate.”

“朝鲜政权训练和部署了数以千计的网络特工，混入全球数字劳动力大军，”马萨诸塞州首席联邦检察官利亚·弗利周一在宣布这些指控时说。她称这一威胁“既真实又迫在眉睫”。

On Monday, federal law enforcement authorities took a series of actions across 16 states aimed at shutting down the scheme. Investigators seized dozens of financial accounts and fraudulent websites and searched “laptop farms” that allowed North Korean operatives to gain access to the computers that companies provide their off-site employees, prosecutors said.

周一，联邦执法当局在16个州采取了一系列行动，旨在瓦解该渗透计划。检察官表示，调查人员查封了数十个金融账户和欺诈网站，并搜查了所谓的“笔记本电脑农场”，这些农场让朝鲜特工可以接入企业远程办公电脑。

In recent years, North Korean attempts to evade sanctions using false identities have been increasingly been raising alarm. There is evidence that the operation has expanded geographically, targeting Europe in particular, according to a report from the Google Threat Intelligence Group in April.

近年来，朝鲜利用虚假身份逃避制裁的企图日益引起人们的警觉。谷歌威胁情报小组今年4月的一份报告显示，有证据表明，该行动的地域范围已经扩大，尤其瞄准了欧洲。

Last year, the Justice Department and the F.B.I. launched an initiative to identify people in the United States believed to be helping North Koreans advance the plots, some of them without their knowledge.

去年，司法部和联邦调查局发起专项行动，以查明据信在美国境内帮助朝鲜人推进这些阴谋的人，其中一些人对此并不知情。

In one of the cases brought by federal prosecutors this week, American, Chinese and Taiwanese citizens were accused of involvement in a plot that compromised about 80 American identities. The falsified identities were used to help North Koreans get remote tech jobs with over 100 companies across dozens of states in a range of industries between 2021 and 2024.

在本周联邦检察官提起的一起诉讼中，美国、中国和台湾公民被指控参与了一起套取约80个美国人身份的阴谋。这些伪造的身份被用来帮助朝鲜人在2021年至2024年期间在数十个州的100多家公司获得远程技术工作，涉及多个行业。

Prosecutors say the scheme generated about $5 million for North Korea, and cost American business some $3 million in damages and expenses. It also exposed sensitive information, including some related to military technology, they said.

检察官说，该阴谋给朝鲜带来了大约500万美元的收入，给美国企业造成了大约300万美元的损失和开支。他们还指出，此举更致使包括军事技术在内的敏感信息外泄。

The defendants are said to have used online background check services to cull personal information and create personas for the North Koreans so that they appeared authorized to work in the United States. They conducted records checks of hundreds of individuals, including dozens whose identities were stolen, prosecutors said.

据称，被告使用在线背景调查服务筛选个人信息，并为朝鲜人伪造虚假身份，使他们看起来具有在美国工作的合法资格。检察官指出，他们对数以百人的记录进行了核查，其中数十人身份信息遭盗用。

To bolster the falsified identities, participants in the scheme created fake companies, websites and bank accounts and arranged to receive the company laptops delivered to the remote workers in the United States, prosecutors said. Then, the authorities said, they granted remote access to the laptops to North Korean operatives working abroad. .

检察官说，为了支持伪造的身份，该阴谋的参与者创建了假公司、网站和银行账户，并安排接收企业交付给美国远程工作人员的笔记本电脑。然后，当局说，他们允许在国外工作的朝鲜特工远程访问这些笔记本电脑。

The second case unsealed this week, in the Northern District of Georgia, charges four North Koreans with theft and money laundering involving about $900,000 in cryptocurrency. The remote workers used false identities from Malaysia to perpetrate the scheme and worked out of the United Arab Emirates, prosecutors say.

本周在佐治亚州北部地区公布的第二起案件指控四名朝鲜人盗窃和洗钱，涉及约90万美元的加密货币。检方指出，这些远程工作人员使用马来西亚的假身份实施了这一计划，跨境运作据点设在阿联酋。

The defendants sought jobs in the crypto industry, according to the indictment. One was hired as a developer at an Atlanta-based company, and another worked for a Serbian firm. Together they diverted nearly $1 million in crypto from their employers, and their accused co-conspirators laundered the funds,, according to the indictment.

起诉书称，这些被告在加密货币行业寻找工作。一个人被亚特兰大的一家公司聘为开发人员，另一个人在一家塞尔维亚公司工作。起诉书称，他们总共从雇主那里转移了近100万美元的加密货币，而由同伙实施洗钱操作。

The American authorities have been raising alarms about the problem since at least 2022, when the F.B.I., along with the State and Treasury Departments, issued an advisory warning to the international community about infiltration. Operatives working mostly in North Korea, China and Russia were relying on an expansive network abroad to get jobs, targeting Europe and East Asia, the advisory said.

至少从2022年开始，美国当局就开始对这个问题发出警告，当时，联邦调查局联合国务院和财政部就渗透问题向国际社会发出了一份通报，提醒各方警惕渗透风险。该报告称，这些主要在朝鲜、中国和俄罗斯工作的特工依靠一个庞大的海外网络来找工作，目标是欧洲和东亚的企业和机构。

After the American warning, North Korean workers increasingly began seeking contracts elsewhere, according to an April report from a lead adviser to the Google Threat Intelligence Group in Europe, James Collier.

根据谷歌威胁情报小组驻欧洲首席顾问詹姆斯·科利尔4月的一份报告，在美国发出警告后，更多朝鲜工作人员开始向其他地方转移。

One North Korean worker ran at least 12 personas across Europe and the United States in late 2024, seeking jobs at defense companies and in governments, using fabricated references , the report says. There is also evidence of operatives and assistants working in Portugal, Germany and Britain.

报告称，2024年底，一名朝鲜工作人员在欧洲和美国至少扮演了12个角色，利用捏造的推荐信在国防承包商和政府部门寻找工作。还有证据表明，葡萄牙、德国和英国也有朝鲜工作人员与协助者从事相关行动的痕迹。

“In response to heightened awareness of the threat within the United States, they’ve established a global ecosystem of fraudulent personas to enhance operational agility,” Mr. Collier said. That evolution, he said, suggests they will continue being able to run the financing schemes.

科利尔说，“为了应对美国国内对威胁的高度警惕，他们建立了一个全球性的欺诈人物生态系统，以提高行动的灵活性。”他说，这一演变表明，他们能继续开展此类筹资活动。