Matthew Isaac Knoot, a 38-year-old resident of Nashville, Tennessee, has been charged for his involvement in generating revenue for North Korea’s illicit weapons program, including weapons of mass destruction (WMD). According to court documents, Knoot took part in a scheme where North Korean IT workers obtained remote employment with American and British companies by posing as U.S. citizens using stolen identities.
Knoot allegedly facilitated this deception by hosting company laptops at his residences, installing unauthorized software on them, and laundering payments for the remote IT work. The scheme’s primary aim was to funnel money to North Korea’s WMD programs.
United States Attorney Henry C. Leventis for the Middle District of Tennessee emphasized the commitment to national security and highlighted the complexity and duration of the scheme, which funneled hundreds of thousands of dollars to foreign actors. Assistant Attorney General Matthew G. Olsen of the National Security Division underscored the indictment as a warning to U.S. businesses about the threat from North Korea and the importance of vigilance in hiring processes.
Assistant Director Bryan Vorndran of the FBI’s Cyber Division stated that the FBI would continue to pursue those aiding North Korea’s illegal revenue generation efforts, stressing the priority of disrupting illicit financial flows that support North Korea’s regime.
The indictment revealed that North Korea has dispatched numerous skilled IT workers abroad, primarily to China and Russia, to deceive businesses into hiring them as freelancers. These workers can each earn up to $300,000 annually, generating significant revenue for North Korea’s prohibited WMD programs.
Knoot’s role involved running a “laptop farm” at his Nashville residences, where he received and modified laptops from victim companies to enable North Korean IT workers to remotely access these devices. The workers, who were operating from China, were paid substantial sums, often falsely reported under the identity of a stolen U.S. citizen. The victim companies faced significant costs in auditing and remediating their systems.
Knoot faces multiple charges, including conspiracy to cause damage to protected computers, conspiracy to launder monetary instruments, conspiracy to commit wire fraud, intentional damage to protected computers, aggravated identity theft, and conspiracy to cause the unlawful employment of aliens. If convicted, he could face up to 20 years in prison.
The case is being investigated by the FBI Memphis Field Office, Nashville Resident Agency. Assistant U.S. Attorney Josh Kurtzman and Trial Attorney Greg Nicosia are prosecuting the case.
The FBI, along with the Departments of State and Treasury, have issued advisories to alert the international community about the North Korea IT worker threat, providing updated guidance and indicators to watch for, consistent with such fraud schemes.
An indictment is merely an allegation, and all defendants are presumed innocent until proven guilty in a court of law.
Source: Read Original Release
Two Knoxville Men Convicted for Meth Distribution
Cumecus Cates and Grady Chandler, both from Knoxville, Tennessee, were convicted of conspiracy and distribution of methamphetamine, facing potential life sentences following evidence from FBI-recorded transactions and witness testimony.