Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

US lady helped North Korean IT staff infiltrate 300 firms

​The U.S. Justice Division charged 5 people at the moment, a U.S. Citizen lady, a Ukrainian man, and three overseas nationals, for his or her involvement in cyber schemes that generated income for North Korea’s nuclear weapons program.

They have been allegedly concerned between October 2020 and October 2023 in a marketing campaign coordinated by the North Korean authorities “to infiltrate U.S. job markets through fraud in an effort to raise revenue for the North Korean government and its illicit nuclear program.”

Two of them, Christina Marie Chapman and Oleksandr Didenko, have been arrested on Could 15 in Litchfield Park, Arizona, and in Poland on Could 7, 2024, with the DOJ now in search of Didenko’s extradition to the US.

They have been each charged with conspiracy to defraud the US, aggravated identification theft, and conspiracy to commit cash laundering, wire fraud, identification fraud, and financial institution fraud.

Three different overseas nationals, recognized solely by their aliases (Jiho Han, Haoran Xu, and Chunji Jin), have been additionally charged with conspiracy to commit cash laundering.

If convicted, Chapman faces a most of 97.5 years in jail, whereas Didenko’s most penalty can attain 67.5 years. Every of the John Does additionally faces a most penalty of 20 years.

“Chapman and her co-conspirators committed fraud and stole the identities of American citizens to enable individuals based overseas to pose as domestic, remote IT workers,” mentioned Nicole M. Argentieri, the pinnacle of the Justice Division’s Legal Division.

In the present day, the U.S. State Division introduced a reward of as much as $5 million for any info associated to Chapman’s co-conspirators, the North Korean IT staff charged at the moment, and their supervisor, solely generally known as Zhonghua.

Reward for information on North Korean IT workers
Reward for info on North Korean IT staff (State Division)

North Koreans labored remotely through U.S. laptop computer farms

In line with the indictment, Chapman housed the North Korean IT staff’ computer systems in her own residence, making a “laptop farm” to make it seem as if her co-conspirators’ units have been in the US.

They have been employed as distant software program and utility builders with a number of Fortune 500 firms, together with an aerospace and protection firm, a significant tv community, a Silicon Valley expertise firm, and a high-profile firm.

They have been paid tens of millions for his or her work, and Chapman processed their paychecks from U.S. firms via her monetary accounts.

Didenko additionally ran an internet platform generally known as UpWorkSell (whose area was seized by the DOJ), knowingly offering providers to permit North Koreans to make use of false identities whereas trying to find distant IT work positions.

UpWorkSell seizure banner
UpWorkSell seizure banner (BleepingComputer)

“Didenko is alleged to have managed as many as approximately 871 proxy identities, provided proxy accounts for three freelance IT hiring platforms, and provided proxy accounts for three different money service transmitters,” the DOJ mentioned.

“In coordination with co-conspirators, Didenko facilitated the operation of at least three U.S.-based ‘laptop farms,’ hosting approximately 79 computers. Didenko sent or received $920,000 in U.S.D. payments since July 2018.”

Their scheme compromised over 60 U.S. identities and affected greater than 300 U.S. firms. It additionally resulted in false tax liabilities for greater than 35 U.S. residents and generated a minimum of $6.8 million in income for abroad IT staff.

In the present day, the FBI additionally issued an advisory with extra info on how North Korea’s IT staff undermine the safety of firms that rent them and steering on the way to spot North Korean IT employee schemes.

Beforehand, the US additionally revealed joint advisories with overseas companions warning of North Korean IT employee schemes and sanctioned a number of organizations concerned in North Korea’s IT employee income technology schemes.

Recent articles

Juniper Warns of Mirai Botnet Concentrating on SSR Gadgets with Default Passwords

Dec 19, 2024Ravie LakshmananMalware / Botnet Juniper Networks is warning...

New Cell Phishing Targets Executives with Faux DocuSign Hyperlinks

KEY SUMMARY POINTS Focused Assaults: Subtle spear phishing campaigns are...

Fortinet Warns of Important FortiWLM Flaw That May Result in Admin Entry Exploits

Dec 19, 2024Ravie LakshmananVulnerability / Community Safety Fortinet has issued...