See More

North Koreans Creating Fake Applications to Land Crypto Jobs, Says Researchers

2 mins
Updated by Ryan James
Join our Trading Community on Telegram

In Brief

  • North Korean IT job applicants are copying information from LinkedIn profiles to land jobs in rich countries.
  • Researchers worry that exposure to the latest cutting-edge trends in cryptocurrencies could enable sophisticated sanctions evasion.
  • This after traditional banks hardened their infrastructure to avoid illicit fund flows.
  • promo

Cybersecurity experts claim North Korean hackers are posing as job applicants for crypto jobs in wealthy countries to fund government operations.

So-called North Korean software developers are scraping LinkedIn and job site Indeed to steal profile information from legitimate applicants to apply for jobs at U.S. crypto firms.

Security researchers at the cybersecurity firm Mandiant found an application from a supposed software developer that matched the semantics of an existing profile.

Researchers say the North Koreans can get a head start on emerging cryptocurrency trends from cryptocurrency firms if employed, giving them cutting-edge tools to evade sanctions imposed on Pyongyang. In other words, firms could face potential danger from insiders.

Tentacles continue to spread

But the tactics don’t stop there. Analysts say North Koreans are finding novel ways to find a position from which they can send money back home. Some applicants claim to have authored a whitepaper about a cryptocurrency exchange Bibox. Another pretended to be a senior software developer at a blockchain consultancy firm. Researchers also found freelance positions at certain undisclosed crypto firms filled by North Koreans.

They have also seeded the popular software repository site GitHub with questions, as the site is a nerve center for discussing trends in the cryptocurrency industry and is a hub of collaboration between software developers.

In May, the U.S. government issued guidance on information technology workers from North Korea. The note warned American employers that the communist state dispatches skilled IT workers to generate income for developing weapons of mass destruction. In-demand skill-sets such as app and software development are being filled by North Koreans that pretend to be of a different nationality. Popular pseudo-nationalities include South Korean, Chinese, Japanese, and eastern European. While many of these jobs are legitimately carried out, the U.S. government explained that some freelancers had exploited access to sensitive data to feed the regime back home.

Lazarus Group joins the fray

According to Alphabet Inc.’s Google, North Korean hackers are suspected of having hacked career site Indeed.com to collect applicant data that can be used to strike up conversations that eventually lead to a breach of applicants’ machines, according to Ryan Kalember from Proofpoint Inc. He added that fake websites are becoming increasingly convincing.

Hackers from the notorious collective known as the Lazarus Group sent bogus emails offering people jobs at Lockheed Martin. The emails used social engineering methods that appealed to people’s egos and contained seemingly-innocent attachments laced with malicious code.

The Lazarus Group is also suspected of being behind the $600 million-plus hack of the Ronin sidechain used in the NFT game Axie Infinity earlier this year.

Researchers at Mandiant suggest that North Korea’s focus on end-users, crypto businesses, and sidechains comes after traditional financial institutions hardened their cybersecurity to avoid becoming victims of illicit fund flows.

What do you think about this subject? Write to us and tell us!

Top crypto platforms in the US | April 2024
Coinbase Coinbase Explore →
AlgosOne AlgosOne Explore →
Chain GPT Chain GPT Explore →
iTrustCapital iTrustCapital Explore →

Trusted

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

David-Thomas.jpg
David Thomas
David Thomas graduated from the University of Kwa-Zulu Natal in Durban, South Africa, with an Honors degree in electronic engineering. He worked as an engineer for eight years, developing software for industrial processes at South African automation specialist Autotronix (Pty) Ltd., mining control systems for AngloGold Ashanti, and consumer products at Inhep Digital Security, a domestic security company wholly owned by Swedish conglomerate Assa Abloy. He has experience writing software in C,...
READ FULL BIO
Sponsored
Sponsored