Security News > 2022 > May > North Korean devs pose as US freelancers to aid DRPK govt hackers
Thousands of North Korean "Highly skilled IT workers," at the direction of or forced by their government are targeting freelance jobs at organizations in wealthier nations.
In some cases, DPRK's dispatched wage earners - typically located in China, Russia, Africa, and Southeast Asia, have aided with selling data stolen in attacks from North Korean hackers.
To get into the desired position, the North Korea's IT workers often pretend to be teleworkers located in the U.S. or other non-sanctioned country.
"The North Korean government withholds up to 90 percent of wages of overseas workers which generates an annual revenue to the government of hundreds of millions of dollars" - the U.S. Government.
To obfuscate their true identity and pass as an individual from a non-sanctioned country, North Korean IT workers often change their names, use virtual private network connections, or use IP addresses from other regions.
"In establishing accounts with the aid of other freelance workers, DPRK IT workers may claim to be third-country nationals who need U.S. or other Western identification documents and freelance platform accounts to earn more money" - the U.S. Government.
News URL
Related news
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- A “cascade” of errors let Chinese hackers into US government inboxes (source)
- US Health Dept warns hospitals of hackers targeting IT help desks (source)
- Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage (source)