Security News > 2022 > May > U.S. Warns Against North Korean Hackers Posing as IT Freelancers
Targets include financial, health, social media, sports, entertainment, and lifestyle-focused companies located in North America, Europe, and East Asia, with most of the dispatched workers situated in China, Russia, Africa, and Southeast Asia.
"The North Korean government withholds up to 90 percent of wages of overseas workers which generates an annual revenue to the government of hundreds of millions of dollars," the guidance noted.
Besides deliberately obfuscating their identities, locations, and nationality online by using VPNs and misrepresenting themselves as South Korean citizens, potential red flags indicating the involvement of DPRK IT workers are as follows -.
Using rogue client accounts on freelance work platforms to boost developer account ratings.
Multiple developer accounts receiving high ratings from one client account in a short time.
In one instance highlighted in the advisory, North Korean developers working for an unnamed U.S. company carried out an unauthorized theft of over $50,000 in 30 small installments without the firm's knowledge over the course of several months.
News URL
https://thehackernews.com/2022/05/us-warns-against-north-korean-hackers.html
Related news
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)