US agencies warn against the influx of North Koreans in IT and crypto jobs online

Published at: May 17, 2022

The United States Department of Justice, State and the Treasury issued a joint advisery warning against the influx of North Korean workers in various freelance tech jobs, especially in the crypto industry

The public advisory was released on Friday, highlighting the critical red flags and identifiers for private firms to avoid hiring North Korean workers. The U.S. agencies warned that these workers pose a range of risks including theft of intellectual property, data and funds that could be used to violate sanctions.

There has been a significant increase in the freelance job market due to the pandemic, and crypto being a decentralized sector, offers some of the most lucrative IT jobs in the current industry. This is the reason for concern for the U.S. agencies who are wary of North Korea’s interest in the crypto sector.

The advisory noted that North Korean workers often use virtual private networks (VPNs) to purchase third-country IP addresses and stolen identities to hide their origin country. The advisory further read:

“These workers develop applications and software spanning a range of sectors, including, but not limited to, business, cryptocurrency, health and fitness, social networking, sports, entertainment and lifestyle.”

To identify and weed out such workers from the U.S.-based companies, the advisery listed various red flags to be wary of, including inconsistencies in name spelling, nationality, claimed work location, contact information, educational history, work history and other details across a developer’s freelance platform profiles.

Request for payments in cryptocurrency and frequent transfer of money to People’s Republic of China-based bank accounts were other critical red flags listed in the advisory.

Related: North Korea-obsessed Ethereum dev gets 5 years for breaking sanctions

North Korea has been infamous for stealing money through various ransomware attacks and hacks and is home to one of the most notable hacking groups called Lazarus. The recent Axie Inifity’s Ronin Bridge hack that resulted in a loss of over $600 million worth of crypto was also tied to the same hacking group.

Tags
Related Posts
Digital intelligence must overcome challenges to solving crypto crimes
While the value of cryptocurrencies has varied wildly in the last year, this has not diminished crypto’s attractiveness to criminals. Many of them are moving their illegal activities underground and outside the view of law enforcement. Because of the public nature of most blockchains, however, this rapid movement shouldn’t be a major concern to law enforcement agencies. With the right tools and training, following the proceeds of crypto-enabled crime is actually not as difficult as it may seem. However, intelligence agencies must have a cryptocurrency investigation plan that includes the right tools to lawfully collect digital evidence and the properly …
Technology / Aug. 20, 2021
US authorities go after 280 crypto accounts allegedly tied to North Korea
"The Justice Department today filed a civil forfeiture complaint detailing two hacks of virtual currency exchanges by North Korean actors," said an Aug. 27 statement from the U.S. Department of Justice, or DoJ. "These actors stole millions of dollars’ worth of cryptocurrency and ultimately laundered the funds through Chinese over-the-counter (OTC) cryptocurrency traders." The hackers allegedly utilized 280 different digital asset accounts. March 2020 saw details of a 2019 legal case surface, in which two Chinese nationals allegedly hijacked piles of crypto assets totaling $250 million. This ordeal appears to be connected with the present day news, the DoJ statement …
Blockchain / Aug. 27, 2020
Kim Jong Un May Be Using Stolen Crypto to Offset Economic Fallout
North Korean leader, Kim Jong-un, is reportedly backing a group of hackers. Their goal? Stealing cryptocurrencies like Bitcoin (BTC) using phishing scams. Sources indicate that the country has ramped up these efforts in an attempt to prevent a financial meltdown amid the COVID-19 crisis. A report published on May 13 by the U.K. Mirror claims that the Lazarus group, a hacking syndicate with alleged ties to the North Korean state, could be launching a cybercrime campaign of advanced persistent threat, or APT, attacks. Experts from Seoul-based firm, ESTsecurity, state that Lazarus is “increasingly engaging” in cybercrime activities in and out …
Bitcoin / May 14, 2020
‘Nobody is holding them back’ — North Korean cyber-attack threat rises
North Korea-backed cyberattacks on cryptocurrency and tech firms will only become more sophisticated over time as the country battles prolonged economic sanctions and resource shortages. Former CIA analyst Soo Kim told CNN on Sunday that the process of generating overseas crypto income for the regime has now become a “way of life” for the North Koreans: “In light of the challenges that the regime is facing — food shortages, fewer countries willing to engage with North Korea [...] this is just going to be something that they will continue to use because nobody is holding them back, essentially.” She also …
Blockchain / July 12, 2022
DeFi enjoys a prolific start to 2023: Finance Redefined
Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. 2023 started on a bullish note for the entire crypto market, including the DeFi ecosystem, with most of the tokens posting double-digit gains in January and recording multi-month highs. Aside from the bull rally, January also saw a 93% year-on-year decline in losses from DeFi exploits and hacks. The slew of regulatory action against the Mango Markets exploiter is being hailed as a big win for the DeFi sector. The United States Securities and …
Regulation / Feb. 3, 2023