North Koreans are getting jobs in tech and digital assets, US warns

Getting your Trinity Audio player ready...

North Korean tech experts are mainly infamous for being some of the world’s most lethal hackers, and according to three U.S. governmental departments, they are now getting legitimate jobs in the tech and digital asset sectors.

In a joint statement, the Departments of Treasury, Justice, and State warned public and private entities against inadvertently recruiting North Korean IT professionals. The three believe that hiring these workers poses many risks ranging from theft of intellectual property and funds to reputational damage and legal consequences.

The statement alleges that North Korea has dispatched thousands of highly-skilled IT workers globally. These workers then earn revenue that the government supposedly uses for its weapons programs in violation of UN sanctions.

The workers are getting jobs in a wide range of sectors, including digital currency firms, social networking companies, health, fitness, sports and entertainment, and more. In most cases, they conceal their country of origin and even claim to be U.S.-based teleworkers. They have been known to use virtual private networks (VPNs), virtual private servers (VPSs), proxy accounts, and falsified or stolen data.

Once they gain access to these companies, they use this access “for illicit purposes, including enabling malicious cyber intrusions by other DPRK actors,” the three departments claim.

One of the red flags that companies must look out for is requests for payments in digital currencies, the statement says. This warning comes at a time when more people are choosing to take payment in digital currencies, as they are much cheaper and faster. In addition, setting up a wallet is relatively easy compared to using traditional banking and money transfer channels.

The U.S. has continually linked North Korea to most of the world’s largest hacking, malware, ransomware, and phishing campaigns. The latest is the $625 million Axie Infinity hack which the U.S. blamed on the Lazarus Group, a hackers’ collective that’s reportedly tied to and sponsored by the Kim Jong-un government. 

The East Asian country hasn’t taken the accusations lying down. A week ago, the country’s Ministry of Foreign Affairs dismissed the U.S. claims as “a nonsensical remark” and claimed that the Joe Biden government “has taken advantage of its hegemonic position in the IT industry to systematically commit espionage acts against other countries since a long time ago.”

Watch: CoinGeek New York presentation, FYI: Better Information Tools for a More Lawful Blockchain Industry