US officials say North Korea pulled off an elaborate plan to trick American companies into hiring thousands of skilled IT workers who later sent the money they earned back to be used for the country's weapons program. The FBI and the Justice Department (DOJ) said they shut down 17 websites that were used by IT worker to "defraud US and foreign businesses, evade sanctions and fund the development of the Democratic People’s Republic of Korea government’s weapons program." They also seized $1.5 million as part of the ongoing investigation, according to a press release Wednesday.
According to DOJ, North Korea hired IT workers who were sent to live abroad in countries like China and Russia, then used fake identities to get hired by U.S. companies. The workers would get hired as freelance remote employees by fooling many companies into believing they were based in the US. Tricks they used to do so included paying Americans to be able to use their home Wi-Fi. “The Democratic People’s Republic of Korea has flooded the global marketplace with ill-intentioned information technology workers to indirectly fund its ballistic missile program. The seizing of these fraudulent domains helps protect companies from unknowingly hiring these bad actors and potentially damaging their business,” reported the Special Agent in Charge of the FBI's St. Louis Division said.[1]
FBI warns employers to be vigilant when hiring. The 17 sites that were shut down were created by some of the workers to look like legitimate US-based IT service companies, which helps them hide their identities and locations when they apply for US jobs.
This scheme, which went on for years, generated millions for North Korean agencies involved in country's weapons of mass destruction program, such as the Ministry of Defense. These programs are prohibited by the United Nations. Additionally DOJ said, the workers also would steal information and keep access to records so they can hack into systems later. The FBI warned employers that the scheme is prevalent and they should be vigilant about whom they hire. "Without due diligence, companies risk losing money or being compromised by insider threats they unknowingly invited inside their systems," it said.[2]
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and has reported extensively on AI technology. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5993554863383553632
[1] https://www.msn.com/en-us/news/us/north-korean-it-workers-in-us-sent-millions-to-fund-weapons-program-officials-say/ar-AA1izW3s
[2] https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-action-disrupt-illicit-revenue-generation
Comments