Using virtual private networks (VPNs) and online payment platforms, North Korean workers are apparently getting freelance work in the tech sector, particularly in crypto.
The Departments of Justice, State and the Treasury released a joint advisory warning of the development on May 16.
“The DPRK has dispatched thousands of highly skilled IT workers around the world, earning revenue for the DPRK that contributes to its weapons programs in violation of U.S. and UN sanctions,” the advisory reads.
Among industries targeted, cryptocurrency is among the first the advisory names. The advisory goes on to identify “Requests for payment in cryptocurrency” as a red flag for companies to be on the alert for in making new hires.
The government departments proceed to outline the means that workers in North Korea use false documentation or proxy identities to get work via online freelance platforms. In addition to earning income for the North Korean regime, the agencies say they use privileged access to information to stage intrusions.
The work of North Korea’s hacking program — most infamously Lazarus Group — is long. Just recently, the US government identified a $600 million hack of Axie Infinity’s Ronin Network as the work of the group. The Office of Foreign Asset Control subsequently sanctioned a roster of wallet addresses associated with those funds after the hack.
