North Korean IT Contractor Fraud
The United States Department of Justice has revealed details of the successful dismantling of a laptop farm that was generating revenue for illicit North Korean weapons programs. A US citizen, Matthew Knoot, was responsible for managing laptop farm that generated hundreds of thousands of dollars to fund North Korea’s illicit weapons program.
Knoot, helped North Korean IT workers to get hired by US and British companies under false identities.
The companies would send their laptops to the fake employees after being hired to work remotely, allowing Knoot to install unauthorised remote access software to allow North Korean IT workers to log on from locations in China, while appearing to be working from locations in the US.
The US Justice Dept. indictment details a complex operation where Knoot allegedly used stolen identities to obtain remote work for North Korean nationals, who were pretending to be US citizens. These workers, based abroad, gained six-figure salaries which were laundered through international transfers to disguise their origins.
Working with others, Knoot enabled these schemes through the use of unauthorised software installations on company-provided laptops. While the work was completed on US-based computers, Knoot and his co-conspirators earned a percentage of the salary, with the rest sent abroad.
Knoot faces multiple charges, including conspiracy to damage protected computers and money laundering, carrying a maximum potential sentence of 20 years in prison if convicted.
North Korean-led Remote Working schemes has been a problem for both governments and the cyber security industry. Last month, security awareness training company KnowBe4 said that it had found and fired a newly hired software engineer on its internal IT team after the company realised it was actually a person controlled by a North Korean threat actor.
US Dept of Justice | Reuters | Williamson County Source | DL News | Cyberscoop | Inc |
Image: Ideogram
You Might Also Read:
Most Wanted - North Korean Hackers:
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible