US Federal agencies warn businesses against mistakenly hiring North Korean hackers
North Korean entities have dispatched thousands of skilled IT workers worldwide to get employment and generate funds for its missile program.
The Federal Bureau of Investigations (FBI) has alerted the general public and businesses against unwittingly hiring North Korean IT workers.
In a joint statement released with the U.S. Department of Treasury and Department of State, the federal agency stated that doing so could result in sanctions from the UN and the U.S. and reputational damage.
US businesses should be careful when hiring North Koreans
According to the advisory statement, North Korean hackers pose as non-North Korean nationals to secure employment. The country has increased its focus on training IT professionals.
U.S. officials revealed that several North Korean entities dispatch thousands of highly skilled IT workers worldwide to get employment. The revenue generated by these workers is reportedly used to fund North Korea’s “weapons of mass destruction (WMD) and ballistic missile programs, in violation of U.S. and UN sanctions.”
These hackers exploit the existing demand for highly skilled IT professionals to get jobs using online job platforms. Mostly, they use stolen identities and forged documents.
The advisory continued that while not all of these workers engage in malicious activities directly, they gain access to privileged information.
This information has enabled North Korean cyber intrusions. Beyond that, these freelancers also send part of their income to North Korea to fund its weapons program.
The 16-page advisory didn’t give specific cases where these IT workers have been behind cybercrime activities. However, it did provide examples of the methods and strategies for getting employment and how they operate.
North Korean hackers help to launder stolen crypto funds
The FBI also mentioned crypto in its advisory, stating that some North Korean IT workers based abroad assist the country in laundering money and transferring crypto assets. In the light of this, it called on operators of digital asset platforms to be very cautious.
The advisory listed the potential red flags for North Korean IT contractors’ activity. These include:
- Multiple logins into one account from various IP addresses in a short time frame.
- Developer accounts use a fraudulent client account to increase developer account ratings.
- Refusal to participate in video calls. Etc.
Recently, the FBI claimed North Korea-backed Lazarus Group was responsible for stealing more than $600 million by exploiting Axie Infinity. In addition, crypto founder Arthur Cheong also warned that these hackers are targeting crypto companies using sophisticated methods.