ATLANTA — The FBI says an Atlanta tech entrepreneur was targeted by North Korean criminals, according to a newly unsealed federal criminal indictment.
“It felt like I was in a movie. That’s where we see these things, right?” Marlon Williams told Channel 2 Consumer Investigator Justin Gray.
Williams says more than $1 million in cryptocurrency was stolen from his Buckhead blockchain security startup, Starter Labs, by remote workers using fake identities.
[DOWNLOAD: Free WSB-TV News app for alerts as news breaks]
“Overall, it was $1.1 million over three different occurrences,” Williams said.
The FBI indicted Kim Kwang Jin, Kang Tae Bok, Jong Pong Ju and Chang Nam Il on wire fraud conspiracy, wire fraud and money laundering conspiracy charges.
According to the FBI, the men used fake and stolen identities to infiltrate the American business as remote IT workers. They then gained their employer’s trust to gain access to the company’s virtual currency and steal it.
The Atlanta business and a Serbian company also targeted said they wouldn’t have hired the men had they known they were North Korean citizens.
All four men indicted are wanted. FBI agents are now offering a $5 million for information.
“The defendants used fake and stolen personal identities to conceal their North Korean nationality, pose as remote IT workers and exploit their victims’ trust to steal hundreds of thousands of dollars,” said U.S. Attorney Theodore S. Hertzberg. “This indictment highlights the unique threat North Korea poses to companies that hire remote IT workers and underscores our resolve to prosecute any actor, in the United States or abroad, who steals from Georgia businesses.”
According to the indictment, in October 2019, the defendants traveled to the United Arab Emirates on North Korean documents and worked there as a team.
Williams says he first hired one of the men who reached out to him looking for work through the Telegram app.
Williams says the employee’s work was so strong, he continued to hire him for more projects with more responsibility.
“Oh man, super-duper talented, super talented,” Williams said.
Over time, he even promoted the remote work to chief technology officer and allowed him to hire additional staff who authorities now say were also North Korean nationals.
The employees worked for the Atlanta company for about two years before striking and cleaning out a cryptocurrency account.
“He had the power to create malicious code that he installed and that allowed him to withdraw the funds completely,” Williams said.
“These schemes target and steal from U.S. companies and are designed to evade sanctions and fund the North Korean regime’s illicit programs, including its weapons programs,” said John A. Eisenberg, Assistant Attorney General for the Department’s National Security Division.
The indictments in the Atlanta case are part of a larger U.S. Department of Justice action announced against these North Korean attacks including two indictments, an arrest, searches of 29 known or suspected “laptop farms” across 16 states, and the seizure of 29 financial accounts used to launder illicit funds and 21 fraudulent websites.
Traditional background checks may not flag these North Korean imposters, with fake passports and other documents, Hertzberg says
“If companies that work in this space want to protect themselves, they would be wise to hire Americans and to thoroughly vet all potential employees and business partners,” Hertzberg said.
Williams says he used to regularly work with and hire coders and developers he never met face to face. But no more.
“Going back to the fundamentals of business, meeting you face to face and looking in your eye, shaking your hand, that really matters, even in these new industries that are developing,” Williams said.
TRENDING STORIES:
- 2 men now dead after shooting at Atlanta park during fraternity event
- Tenants at 3rd property owned by the same company report dangerous living conditions
- What new Georgia laws take effect July 1?
[SIGN UP: WSB-TV Daily Headlines Newsletter]
©2025 Cox Media Group
