Security News > 2022 > May > North Korean devs pose as US freelancers and aid DRPK govt hackers
Thousands of North Korean "Highly skilled IT workers," at the direction of or forced by their government are targeting freelance jobs at organizations in wealthier nations.
In some cases, DPRK's dispatched wage earners - typically located in China, Russia, Africa, and Southeast Asia, have aided with selling data stolen in attacks from North Korean hackers.
To get into the desired position, the North Korea's IT workers often pretend to be teleworkers located in the U.S. or other non-sanctioned country.
"The North Korean government withholds up to 90 percent of wages of overseas workers which generates an annual revenue to the government of hundreds of millions of dollars" - the U.S. Government.
To obfuscate their true identity and pass as an individual from a non-sanctioned country, North Korean IT workers often change their names, use virtual private network connections, or use IP addresses from other regions.
"In establishing accounts with the aid of other freelance workers, DPRK IT workers may claim to be third-country nationals who need U.S. or other Western identification documents and freelance platform accounts to earn more money" - the U.S. Government.
News URL
Related news
- US sanctions Chinese company linked to Flax Typhoon hackers (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
- Treasury hackers also breached US foreign investments review office (source)
- US cracks down on North Korean IT worker army with more sanctions (source)
- US sanctions Chinese firm, hacker behind telecom and Treasury hacks (source)
- Hackers game out infowar against China with the US Navy (source)
- Subaru Starlink flaw let hackers hijack cars in US and Canada (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- Spain arrests suspected hacker of US and Spanish military agencies (source)
- Suspected NATO, UN, US Army hacker arrested in Spain (source)