North Korean IT Contractor Fraud

Uploaded on 2024-08-20 in BUSINESS-Services-IT & Telecoms, FREE TO VIEW, INTELLIGENCE-Hot Spots-North Korea, NEWS-Cybersecurity News

The United States Department of Justice has revealed details of the successful dismantling of a laptop farm that was generating revenue for illicit North Korean weapons programs. A US citizen, Matthew Knoot, was responsible for managing laptop farm that generated hundreds of thousands of dollars to fund North Korea’s illicit weapons program.

Knoot, helped North Korean IT workers to get hired by US and British companies under false identities. 

The companies would send their laptops to the fake employees after being hired to work remotely, allowing Knoot to  install unauthorised remote access software to allow North Korean IT workers to log on from locations in China, while appearing to be working from locations in the US.

The US Justice Dept. indictment details a complex operation where Knoot allegedly used stolen identities to obtain remote work for North Korean nationals, who were pretending to be US citizens. These workers, based abroad, gained six-figure salaries which were laundered through international transfers to disguise their origins. 

Working with others, Knoot enabled these schemes through the use of unauthorised software installations on company-provided laptops. While the work was completed on US-based computers, Knoot and his co-conspirators earned a percentage of the salary, with the rest sent abroad. 

Knoot faces multiple charges, including conspiracy to damage protected computers and money laundering, carrying a maximum potential sentence of 20 years in prison if convicted.

North Korean-led Remote Working schemes has been a problem for both governments and the cyber security industry. Last month, security awareness training company KnowBe4 said that it had found and fired a newly hired software engineer on its internal IT team after the company realised it was actually a person controlled by a North Korean threat actor.

US Dept of Justice   |    Reuters   |    Williamson County Source   |    DL News   |     Cyberscoop   |     Inc   |   

 Cyber Daily  

Image: Ideogram

You Might Also Read: 

Most Wanted - North Korean Hackers:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Quantum Computing Security Could Solve The Data Sovereignty Challenge
APT42: Iranian Hackers At Work »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Infigo IS

Infigo IS

INFIGO IS specializes in information security consulting services. Our employees are leading information security experts in Croatia.

Oznet Cyber Security

Oznet Cyber Security

Oznet Cyber Security is dedicated to offering integral solutions oriented to the support and security of information.

Asvin

Asvin

Asvin provides secure update management and delivery for Internet of Things - IoT Edge devices.

ReFirm Labs

ReFirm Labs

ReFirm Labs provides the tools you need for firmware security, vetting, analysis and continuous IoT security monitoring.

Gula Tech Adventures

Gula Tech Adventures

Gula Tech Adventures invests in companies and nonprofits that help close the gap in needed technology and workforce to defend the country in cyberspace.

Iterasec

Iterasec

Iterasec provides a full range of security services to hacker-proof your products and make software engineering process secure by design.

Arqit Quantum

Arqit Quantum

Arqit's mission is to use transformational quantum encryption technology to keep safe the data of our governments, enterprises and citizens.

Information Services Group (ISG)

Information Services Group (ISG)

As a leading global research and advisory firm, ISG partners with our clients to determine a future vision, lead rapid change and realize the value of your digital investments at scale.

SecurityStudio

SecurityStudio

SecurityStudio is a continuous cybersecurity risk management platform that allows decision-makers to quickly identify the most immediate threats and make confident risk informed decisions.

Innov8tif

Innov8tif

Innov8tif is an AI company specialised in providing ID assurance solutions — helping digital businesses to prevent frauds by verifying and authenticating customers identity.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.

Nukke

Nukke

Nukke offers advanced cybersecurity software and tailored solutions for your business.

Saidot

Saidot

Saidot is a Finnish AI governance and alignment company committed to helping businesses safely and transparently integrate AI into their operations.

Amplifier Security

Amplifier Security

Amplifier Security are on a mission to empower security teams to modernize their practice by connecting the dots between their security stack and their people.

Computer Futures

Computer Futures

Computer Futures are a global specialist IT recruitment partner, matching candidates with roles across niche IT markets and core technologies.

Diverto

Diverto

Diverto is a company that provides a high level of information security to companies, institutions and other organisations in an information-centric world.