North Korean IT Workers Threat Expands Beyond US, Says Google
- North Korean IT workers are infiltrating European crypto companies, as per Google Threat Intelligence Group.
- They falsely claim to be from other countries and generate revenue for North Korea through their remote jobs.
As per the latest Google Threat Intelligence Group (GTIG) report, North Korean IT workers are spreading threats across the globe beyond the US. The last time it published a report on North Korean hackers was in September 2024, and the scope and scale of these people have expanded beyond the US in the last few months.
North Korean IT workers are falsely claiming that they are from other countries and getting jobs in various companies in the UK and Europe. All these organizations that hire IT workers from North Korea are at risk of espionage, data theft, and disruption, as per GTIG’s latest post on X.
UK Projects Undertaken by North Korean IT Hackers
The report even identified multiple projects that are under the DPRK IT workers. Most of these companies work in broader fields of web, bot, and CMS development, and blockchain technology.
Next.js, React, CosmosSDK, and Golang, are some of the projects that are associated with these workers. The report also found that AI tools and blockchain job marketplaces built using the MERN stack and Solana are also undertaken by these workers.
The bring-your-own-device (BYOD) culture in corporate firms is also posing data security threats. GTIG also found this BYOD culture is causing an increase in extortion threats. Thus, several former employees are threatening to leak companies’ source code and files.
GTIG adviser Jamie Collier concluded the report,
“Global expansion, extortion tactics, and the use of virtualized infrastructure all highlight the adaptable strategies employed by DPRK IT workers. In response to heightened awareness of the threat within the United States, they’ve established a global ecosystem of fraudulent personas to enhance operational agility.”
Blockchain analytics platform, Chainalysis, linked the largest Bybit hack worth $1.4 billion to North Korean hackers. They used sophisticated hacking and money laundering tactics. Within a few days, laundered stolen ETH and converted it into Bitcoin.
South Korea imposed sanctions on North Korean DPRK hackers in December 2024. The GTIG report is a wakeup call for corporate firms that hire IT workers on a remote basis from other countries and that encourage a BYOD working culture.
Highlighted Crypto News Today:
Franklin Templeton Eyes Bitcoin ETP in Europe as Crypto Adoption Grows
Read More
Google Warns UK Crypto Firms of North Korea-Linked Fraudsters
U.S. Job Data Sparks Rate Cut Speculation
North Korean IT Workers Threat Expands Beyond US, Says Google
- North Korean IT workers are infiltrating European crypto companies, as per Google Threat Intelligence Group.
- They falsely claim to be from other countries and generate revenue for North Korea through their remote jobs.
As per the latest Google Threat Intelligence Group (GTIG) report, North Korean IT workers are spreading threats across the globe beyond the US. The last time it published a report on North Korean hackers was in September 2024, and the scope and scale of these people have expanded beyond the US in the last few months.
North Korean IT workers are falsely claiming that they are from other countries and getting jobs in various companies in the UK and Europe. All these organizations that hire IT workers from North Korea are at risk of espionage, data theft, and disruption, as per GTIG’s latest post on X.
UK Projects Undertaken by North Korean IT Hackers
The report even identified multiple projects that are under the DPRK IT workers. Most of these companies work in broader fields of web, bot, and CMS development, and blockchain technology.
Next.js, React, CosmosSDK, and Golang, are some of the projects that are associated with these workers. The report also found that AI tools and blockchain job marketplaces built using the MERN stack and Solana are also undertaken by these workers.
The bring-your-own-device (BYOD) culture in corporate firms is also posing data security threats. GTIG also found this BYOD culture is causing an increase in extortion threats. Thus, several former employees are threatening to leak companies’ source code and files.
GTIG adviser Jamie Collier concluded the report,
“Global expansion, extortion tactics, and the use of virtualized infrastructure all highlight the adaptable strategies employed by DPRK IT workers. In response to heightened awareness of the threat within the United States, they’ve established a global ecosystem of fraudulent personas to enhance operational agility.”
Blockchain analytics platform, Chainalysis, linked the largest Bybit hack worth $1.4 billion to North Korean hackers. They used sophisticated hacking and money laundering tactics. Within a few days, laundered stolen ETH and converted it into Bitcoin.
South Korea imposed sanctions on North Korean DPRK hackers in December 2024. The GTIG report is a wakeup call for corporate firms that hire IT workers on a remote basis from other countries and that encourage a BYOD working culture.
Highlighted Crypto News Today:
Franklin Templeton Eyes Bitcoin ETP in Europe as Crypto Adoption Grows
Read More
Google Warns UK Crypto Firms of North Korea-Linked Fraudsters