August 8, 2025

Old Game, New Name: Sobaeksu and DPRK’s WMD Legacy

The US government has recently designated the Korea Sobaeksu Trading Company (Sobaeksu) for asset freezing, citing its involvement in foreign currency-generating activities conducted by DPRK IT workers.

However, by examining past DPRK Panel reports, it becomes clear that Sobaeksu is in fact connected to companies previously involved in WMD development—namely, NAMCHONGANG TRADING CORPORATION (NCG) and KOREA MINING DEVELOPMENT TRADING CORPORATION (KOMID).

Sobaeksu

朝鲜小白水联合会社

Namchonggang

KOMID

Yun Ho-Jin

Source: DPRK NM Inventory Safeguards Agreement - 4 May 1992 by IAEA Imagebank by Flicker (Edited by DPRK Monitor).

NCG was previously engaged in North Korea’s nuclear development, particularly in procurement related to uranium enrichment, while KOMID was involved in missile transactions. These DPRK entities linked to the development and sale of WMDs have continued their operations under different names.

The Panel’s investigations (S/2017/150, paras.155-158) have revealed the evolution of these entities through the following findings:

  • UNSCR 2270 (2016) pointed out that NCG had changed its name to Namhung Trading Corporation (Namhung).

  • A review of corporate information registered in China shows that Namhung and the Beijing office of Sobaeksu shared the same address.

  • The representative of Sobaeksu’s Beijing office is Yun Ho-Jin, who was formerly the head of NCG. Yun Ho-Jin (윤호진 in Korean, 尹浩真 in Chinese) is listed under UN sanctions and is a former DPRK diplomat who was involved in uranium enrichment-related procurement at least as far back as the 1990s. His name is currently registered as the representative of Sobaeksu’s Beijing office.

  • Kim Chol Nam (김철남 in Korean, 金哲南 in Chinese), listed as a director of Sobaeksu’s Dandong office, is also registered as the representative of Korea Changgwang Trading Corporation in Beijing. Past Panel investigations have confirmed that Korea Changgwang Trading Corp is an alias for KOMID.

August 3, 2025

Part of DPRK’s Hard Currency Network

While the US has imposed sanctions on DPRK’s activities in Southeast Asia, the UN Security Council DPRK Panel of Experts (POE) report—covering the newly sanctioned individuals Kim Se Un and Sobaeksu—offers key new information. DPRK Monitor shares additional context below.

DPRK individuals operate or control multiple registered entities in various countries and engage in several distinct areas—including IT, trading, finance, and, in some cases, money laundering, military logistics, or procurement. These individuals often obtain passports from host countries or assume foreign identities to travel across multiple jurisdictions—thereby enhancing both their mobility and concealment.

Kim Se Un

김 세 운

Date of Birth: 25 March 1978

Passport: Passport 390120007 (DPRK) issued 09 Jan 2020 expires 09 Jan 2025 (individual)

According to the US State Department, Kim Se Un is a North Korean representative of Korean Sobaeksu Trading Company (Sobaeksu) and was involved in a scheme from April 2021 to June 2023 to smuggle tobacco into DPRK and pay in US dollars, violating US sanctions. The operation used false shipping records and bulk cash to evade restrictions.

From Vietnam to Cambodia — A Wider Web

In the past, Kim Se Un also registered company in Cambodia. According to the POE report (S/2023/171, paras.155-157), Kim was the director of the Cambodia-based company U.J Import Export Co., Ltd (struck off by Cambodian authorities in December 2019, Figure 1).

Cooperated with Ri Chol Nam

Moreover, the POE reported Kim cooperated with Ri Chol Nam (리철남) (Figure 2,3), who was involved in money laundering, brokering sales of weapons, diamonds, and gold, and other illicit financial activities linked to the DPRK. Ri also engaged in potential sales of military-related equipment, including bulletproof vests acquired from third countries for resale.

The Expanding DPRK Network: Who’s Next?

DPRK Monitor will update Kim Se Un’s network!

Figure 1

Source: Cambodian corporate registry (Edited by DPRK Monitor).

Figure 2

Source: DPRK Monitor.

Figure 3

Source: DPRK POE S/2023/171, annex 85.
Source: Maltego Graph Visualization (annotated by DPRK Monitor).

Use of AI by DPRK

DPRK IT workers may use AI-generated fake ID during job interviews. A report by cyber security company also indicate their use of real-time deepfake technology. The most effective detection method is passing a hand over the face, which disrupts facial landmark tracking. Other recommended techniques include:

  • Rapid head movements

  • Exaggerated facial expressions

  • Sudden lighting changes

Companies are advised to adopt layered detection strategies in coordination with their information security teams. Below is an example of DPRK tactics.

Source: KnowBe4.

The picture (right) is an AI-enhanced version of the person who we interviewed during the hiring process, where the applicant’s face was added over a completely different unrelated person’s “stock photography” picture (left) so they looked more professional with glasses and wearing formal work attire.”

Source: KnowBe4, “North Korean Fake Employees Are Everywhere! How to Protect Your Organization” (Annotated by DPRK Monitor)