North Korea deployed 100,000 fake IT workers to infiltrate Western companies, making $500M a year for Kim Jong Un

DragonSlayer101

Posts: 987   +14
Staff
Facepalm: A massive army of IT workers has reportedly been mobilized by North Korean dictator Kim Jong-Un to infiltrate Western companies in what is believed to be one of the largest state-sponsored cyber crime syndicates in the world. The network reportedly relies on Western collaborators and uses open-source applications to carry out its illegal operations.

According to cybersecurity firms Flare Research and IBM X-Force, North Korea is using a network of more than 100,000 hackers, developers, and IT operatives to infiltrate global companies, steal people's private data, and funnel hundreds of millions of dollars to the Kim Jong-Un regime.

The report details how the rogue operatives are using state-of-the-art infrastructure to manage their operations, which include recruiting global IT workers and hiring US- and Europe-based brokers who facilitate financial transfers and operate server firms that enable the operations.

Many of the operatives do not even realize they are working for the North Korean government. According to the report, candidates often express "confusion rather than acceptance" when they're told they will have to adopt American names for their job, suggesting they have no idea they'd be working for Pyongyang under false American identities.

Fresh recruits are given detailed instructions on how to land jobs in Western companies. According to a document seen by the researchers, the workers are advised to address headhunters in these organizations by name in their applications, as that can apparently improve their chances of getting hired by 26%.

People with experience in WordPress, blockchain technologies, and Microsoft's .NET Framework are most in demand for these jobs. The operatives typically use custom North Korean software, such as NetKey VPN, as well as commercial VPN services, especially Astrill VPN, to obfuscate their IP addresses.

Other applications used by the operatives include decentralized open-source platforms, such as IP Messenger, to stay in contact with each other and their managers and handlers. Data obtained during the research also suggests the workers may sometimes use free proxy servers to connect to websites and services in the Western hemisphere.

The scheme reportedly generates around $500 million per year for the North Korean government, with most of it coming from global IT companies. In 2022, US government research indicated that some North Korea-based remote IT workers could be earning more than $300,000 from Western firms, with the vast majority being funneled to the regime.

The North Korean operatives have reportedly developed several ways to bypass traditional vetting processes, making them hard to identify. However, the researchers believe organizations can still keep them out of their workforce by getting to know their employees better and building a personal relationship with them from day one.

Permalink to story:

 
How can a company hire someone without knowing where they reside?
If they are pretending to be Americans, what about social security numbers and so on? How they pass through video interviews?

But what's most unbelievable is that N.Korea has 100K people that speak English and are good enough to be hired. It would be surprising if they had 100 computers .. and now all of a sudden 100K ITs??? There's something pretty suspicious here ...
 
How can a company hire someone without knowing where they reside?
If they are pretending to be Americans, what about social security numbers and so on? How they pass through video interviews?

But what's most unbelievable is that N.Korea has 100K people that speak English and are good enough to be hired. It would be surprising if they had 100 computers .. and now all of a sudden 100K ITs??? There's something pretty suspicious here ...
Maybe USA companies should learn to hire their own instead of people from other nations that hate the west... Just a thought. Perhaps the people running these companies are committing treason.
 
Intrigued but many questions. For just one, if you are one of the unknowing North Korean agents and most of your salary is going to the North Korean government, how do you not notice that you are not receiving what your paycheck and your boss say you are being paid?

In the US legitimate companies - the ones an intelligence service would want to infiltrate - typically comply with laws around documenting eligibility to work such as providing a passport or birth certificate. And even if North Korea has learned to make compelling fakes, how does the US not eventually catch on that there's a whole bunch of id numbers being reported in that paperwork that don't matching the source data?

More feasible perhaps would be at least a couple layers of indirection where maybe it's more like the US company thinks it is hiring an offshore services firm in India but it's really hiring a fake NK firm, or maybe the firm is real but that firm has hired the North Koreans. Still some logistics to explain.

If there was ever a time when I could be excited about employer spyware like the "is the employee moving their mouse" junk this would be the one time where I'd like to see the mandatory IT provided package that tries to reverse engineer a lot more about these networks...
 
A scenario:

One easy way to get around the companies need for documentation (work eligibility, Social Security, etc) is for the N. Koreans to setup a Temp agency (they are all over the place in the US) that provides "qualified, pre-screened" employees to those companies.

The companies pay the Temp agency and not the employees, the Temp agency then forwards the money to its real destination. The duped companies are happy they don't have to deal with income taxes, SS, etc for those employees, and possibly not even having an HR Dept!

In my early years I worked for a couple of Temp agencies. It worked just like that.

PS: There are also (high-end) Temp companies that work just as head-hunters / mediators that provide a (CEO level) candidate, get a commission from the company and that's the extent of their responsibility.
 
I, don't doubt this for a second. We, don't have any leaders, or those who are responsible for stopping this BS! Congress, are all CS, on both sides!!
 
Back