Security News > 2022 > May > North Korean devs pose as US freelancers and aid DRPK govt hackers
Thousands of North Korean "Highly skilled IT workers," at the direction of or forced by their government are targeting freelance jobs at organizations in wealthier nations.
In some cases, DPRK's dispatched wage earners - typically located in China, Russia, Africa, and Southeast Asia, have aided with selling data stolen in attacks from North Korean hackers.
To get into the desired position, the North Korea's IT workers often pretend to be teleworkers located in the U.S. or other non-sanctioned country.
"The North Korean government withholds up to 90 percent of wages of overseas workers which generates an annual revenue to the government of hundreds of millions of dollars" - the U.S. Government.
To obfuscate their true identity and pass as an individual from a non-sanctioned country, North Korean IT workers often change their names, use virtual private network connections, or use IP addresses from other regions.
"In establishing accounts with the aid of other freelance workers, DPRK IT workers may claim to be third-country nationals who need U.S. or other Western identification documents and freelance platform accounts to earn more money" - the U.S. Government.
News URL
Related news
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- US says Chinese hackers breached multiple telecom providers (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)