Summary: North Korea’s IT workers are expanding their operations beyond the U.S. and increasingly targeting organizations across Europe. Posing as remote freelance IT employees, they use deceptive tactics and online platforms to secure jobs, allowing the DPRK regime to generate revenue while evading sanctions. Security researchers have identified various European countries being targeted, highlighting a concerning trend in illicit activities.
Affected: Organizations across Europe, including Germany, Portugal, and the United Kingdom
Keypoints :
- DPRK IT workers use laptop farms and fake identities to appear as remote employees.
- Recruitment occurs through platforms like Upwork, Telegram, and Freelancer, with payments often in cryptocurrency.
- North Korean IT workers have been linked to attacks on sensitive sectors like defense and government in Europe.
- The U.S. has issued indictments and sanctions against North Korean nationals and their front companies for these fraudulent schemes.