US Businesses Duped Into Hiring North Korean IT Workers
Is your freelance IT worker actually a North Korean operative?
According to the FBI, North Korea has been tricking US businesses into paying for remote freelance IT services from the country in an effort to fund the government’s weapons program.
On Wednesday, the Justice Department raised the alarm bells about the years-long scheme, saying it had seized 17 websites that North Korea used to dupe US companies and foreign firms into paying for the services. In other cases, the undercover North Korean workers stole information from their employers to pave the way for other hacks.
“Employers need to be cautious about who they are hiring and who they are allowing to access their IT systems,” said US Attorney Sayler Fleming for the Eastern District of Missouri. “You may be helping to fund North Korea’s weapons program or allowing hackers to steal your data or extort you down the line.”
Allegedly, North Korea has been orchestrating the scheme by sending its IT workers to China and Russia. There, they’ll create fake online accounts on social media and freelance contracting platforms pretending to be US-based IT workers. The same North Koreans will also resort to using VPNs and remote desktop software connected to US-based computers to appear like they work in North America.
“North Korean IT workers also either pay or deceive non-North Koreans to interview for jobs for them, accept payment for freelance projects, and videoconference with their employers when necessary,” an FBI affidavit says. “These non-North Koreans may not be aware that the IT workers are North Korean.”
For example, back in 2019, the FBI interviewed one US individual, who the North Koreans paid to buy four laptops. The North Korean then used remote access
Read more on pcmag.com
