Korea Mangyongdae Computer Technology Company

2017-09-01

Cheil Credit Bank (also known as First Credit Bank) first designated by OFAC on the SDN list, establishing a regulatory baseline for the banking infrastructure later used to launder KMCTC IT worker proceeds.

2018-01-01

UN Sanctions Monitoring Team begins documenting DPRK IT worker revenue-generation schemes, later estimating $250–$600 million generated annually from this period onward.

2023-05-01

OFAC and South Korea's Ministry of Foreign Affairs sanction Chinyong Information Technology Cooperation Company for employing DPRK IT workers abroad, a precedent action for the KMCTC designation.

2023-06-01

Cheil Credit Bank-linked cryptocurrency wallet addresses begin receiving sustained inbound flows. Over the subsequent two years (June 2023 – May 2025), these addresses collectively receive more than $12.7 million, reflecting patterns consistent with IT worker salary payments.

2025-01-01

OFAC sanctions Korea Osong Shipping Co. and Chonsurim Trading Corporation for sending DPRK IT workers to Laos, part of the expanding enforcement campaign against DPRK IT worker front companies.

2025-02-01

Lazarus Group executes the Bybit hack, stealing approximately $1.5 billion in a single operation using hybrid techniques combining embedded IT workers and credential theft.

2025-04-01

Tether blacklists 26 cryptocurrency addresses associated with Cheil Credit Bank prior to OFAC's formal designation, an early compliance response that precedes official regulatory action.

2025-11-04

OFAC designates Korea Mangyongdae Computer Technology Company and its president U Yong Su on the SDN list pursuant to E.O. 13810. Eight individuals and two entities total are designated in the same action, including Ryujong Credit Bank and five financial representatives in China and Russia. OFAC simultaneously adds 53 cryptocurrency addresses to Cheil Credit Bank's SDN entry.

2025-11-04

U.S. Department of State issues a concurrent statement on disrupting illicit DPRK bankers and institutions laundering cybercrime and IT worker funds, reinforcing the Treasury action with a foreign policy framing.

2025-11-17

Federal Register publishes OFAC's formal notice of the sanctions action (document 2025-19924), providing the official public record of KMCTC's SDN designation.

2025-12-01

North Korea-linked hackers are reported to have stolen approximately $2.02 billion in cryptocurrency in 2025 — a 51% year-over-year increase — pushing the DPRK's all-time theft total to an estimated $6.75 billion.

2026-01-01

The U.S. and members of the Multilateral Sanctions Monitoring Team (MSMT) at the United Nations publish a report highlighting the DPRK's violations and evasions of UN sanctions through cyber and IT worker activities, referencing the broader ecosystem in which KMCTC operates.

2026-03-12

OFAC issues a new round of sanctions targeting six individuals and two entities for DPRK IT worker fraud schemes, including Amnokgang Technology Development Company. The action confirms that the IT worker enforcement campaign continues beyond the November 2025 KMCTC designation.