Security News > 2023 > October > North Korean hackers are targeting software developers and impersonating IT workers

State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies lookind for IT workers.
"In past operations, Diamond Sleet and other North Korean threat actors have successfully carried out software supply chain attacks by infiltrating build environments," Microsoft noted.
North Korean state-sponsored hackers have been linked to a social engineering campaign targeting software developers through GitHub.
North Korean IT workers are also taking advantage of the shortage of skilled employees and have been contacting recruiters from companies offering software development and other IT jobs.
On Tuesday, the FBI seized 17 website domains used by North Korean IT workers and made to look like they belong to legitimate, US-based IT services companies.
"Through this scheme, which involves the use of pseudonymous email, social media, payment platform and online job site accounts, as well as false websites, proxy computers located in the United States and elsewhere, and witting and unwitting third parties, the IT workers generated millions of dollars a year on behalf of designated entities, such as the North Korean Ministry of Defense and others, directly involved in the DPRK's UN-prohibited WMD programs. In some instances, the IT workers also infiltrated the computer networks of unwitting employers to steal information and maintain access for future hacking and extortion schemes."
News URL
https://www.helpnetsecurity.com/2023/10/20/north-korean-hackers-it/
Related news
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- North Korean hackers linked to $1.5 billion ByBit crypto heist (source)
- OpenAI bans ChatGPT accounts used by North Korean hackers (source)
- North Korean Hackers Steal $1.5B in Cryptocurrency (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- North Korean Lazarus hackers infect hundreds via npm packages (source)