Security News > 2023 > October > North Korean hackers are targeting software developers and impersonating IT workers

State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies lookind for IT workers.

"In past operations, Diamond Sleet and other North Korean threat actors have successfully carried out software supply chain attacks by infiltrating build environments," Microsoft noted.

North Korean state-sponsored hackers have been linked to a social engineering campaign targeting software developers through GitHub.

North Korean IT workers are also taking advantage of the shortage of skilled employees and have been contacting recruiters from companies offering software development and other IT jobs.

On Tuesday, the FBI seized 17 website domains used by North Korean IT workers and made to look like they belong to legitimate, US-based IT services companies.

"Through this scheme, which involves the use of pseudonymous email, social media, payment platform and online job site accounts, as well as false websites, proxy computers located in the United States and elsewhere, and witting and unwitting third parties, the IT workers generated millions of dollars a year on behalf of designated entities, such as the North Korean Ministry of Defense and others, directly involved in the DPRK's UN-prohibited WMD programs. In some instances, the IT workers also infiltrated the computer networks of unwitting employers to steal information and maintain access for future hacking and extortion schemes."

News URL

https://www.helpnetsecurity.com/2023/10/20/north-korean-hackers-it/