Related Federal Cases
- David Rivera, Election Fraud, Nashville TN, 2016 · Connecticut
- Charlotte McEwen, Pleads Guilty to $466K Wire Fraud, Nashville TN, … · Mississippi
- North Carolina Check Fraud Kingpin Sentenced to 85 Months · North Carolina
- Nicole Bogan, Health Care Fraud, Columbus GA, 2013 · Mississippi
- Robert J. Berryhill, $300k Mail and Wire Fraud, OH, 2023 · Tennessee
Nashville Man Charged with North Korean Remote IT Worker Scheme
Nashville resident Matthew Isaac Knoot, 38, has been charged with facilitating a complex scheme to deceive US companies into hiring foreign remote IT workers, who were paid hundreds of thousands of dollars in income funneled to the Democratic People’s Republic of Korea (DPRK) for its weapons program.
According to court documents, Knoot participated in a scheme to obtain remote employment with American and British companies for foreign information technology (IT) workers, who were actually North Korean actors. He assisted them in using a stolen identity to pose as a U.S. citizen, hosted company laptops at his residences, downloaded and installed software without authorization on such laptops to facilitate access and perpetuate the deception, and conspired to launder payments for the remote IT work, including to accounts tied to North Korean and Chinese actors.
“North Korea has dispatched thousands of highly skilled information technology workers around the world to dupe unwitting businesses and evade international sanctions so that it can continue to fund its dangerous weapons program,” said United States Attorney Henry C. Leventis for the Middle District of Tennessee.
As part of the scheme, Knoot ran a “laptop farm” at his Nashville residences between approximately July 2022 and August 2023, hosting company laptops and downloading and installing software without authorization to facilitate access and perpetuate the deception.
The indictment alleges that Knoot assisted overseas IT workers to obtain remote IT work at U.S. companies, which believed that they were hiring U.S.-based personnel. The IT workers, who were North Korean nationals, used the stolen identity of a U.S. citizen, “Andrew M.,” to obtain this remote IT work.
The scheme defrauded U.S. media, technology, and financial companies, ultimately causing them hundreds of thousands of dollars in damages. Knoot’s actions are the latest example of the growing threat from the DPRK and the need for U.S. businesses to be vigilant in their hiring processes.
Key Facts
- State: Tennessee
- Category: Cybercrime|Fraud & Financial Crimes
- Source: DOJ Press Release â†â€â€
ðŸâ€Â’ Get the grimiest stories delivered weekly. Subscribe free →
MORE FEDERAL CRIME NEWS
US NewsUS NewsUS NewsUS News