Man
Professional
- Messages
- 3,222
- Reaction score
- 877
- Points
- 113
How China helps hide North Korean IT specialists and their tracks.
U.S. agencies have identified and disrupted a number of front companies linked to North Korea that use a network of IT specialists to circumvent sanctions and fund government programs, including weapons development. An analysis by SentinelLabs found that these companies were actively established in China and elsewhere to disguise North Korean workers and manage their income.
North Korea organizes the activities of IT specialists around the world, using false identities and forged documents to obtain remote contracts in the fields of software development, blockchain and cryptocurrencies. The main goal is to circumvent international sanctions and generate income for the regime. Shell companies help hide the origins of workers, enable payments through cryptocurrencies, shady banking schemes, and Chinese banks, which ultimately fund government programs.
Examples of such companies include Independent Lab LLC, Shenyang Tonywang Technology LTD, Tony WKJ LLC, and HopanaTech, whose websites were copies of the pages of legitimate American IT companies. These sites, registered through popular domain registrars and hostings, looked like ordinary platforms for IT consulting services. However, after a detailed analysis, it became clear that their content, including testimonials and marketing materials, was borrowed from legitimate sites without significant changes. All four companies were recently shut down by U.S. authorities and their domains confiscated.
In addition, SentinelLabs found links to other active front companies, including those registered in China, such as Shenyang Huguo Technology Ltd. This company used the same methods of spoofing websites, copying content from the websites of Indian IT companies. A connection with individuals who registered many other companies, including in the restaurant sector, was also revealed, which can serve as a cover for illegal activities.
North Korea's tactics demonstrate a high degree of adaptability, allowing the global digital economy to be effectively used for its needs. These activities pose significant risks to companies, including intellectual property leaks, malware injections, and legal violations. To prevent such threats, businesses are advised to carefully check potential contractors and partners, strengthening control over the supply chain.
The SentinelLabs study highlights the importance of awareness and a comprehensive approach to combating such schemes in order to prevent their further development and protect global markets.
Source
U.S. agencies have identified and disrupted a number of front companies linked to North Korea that use a network of IT specialists to circumvent sanctions and fund government programs, including weapons development. An analysis by SentinelLabs found that these companies were actively established in China and elsewhere to disguise North Korean workers and manage their income.
North Korea organizes the activities of IT specialists around the world, using false identities and forged documents to obtain remote contracts in the fields of software development, blockchain and cryptocurrencies. The main goal is to circumvent international sanctions and generate income for the regime. Shell companies help hide the origins of workers, enable payments through cryptocurrencies, shady banking schemes, and Chinese banks, which ultimately fund government programs.
Examples of such companies include Independent Lab LLC, Shenyang Tonywang Technology LTD, Tony WKJ LLC, and HopanaTech, whose websites were copies of the pages of legitimate American IT companies. These sites, registered through popular domain registrars and hostings, looked like ordinary platforms for IT consulting services. However, after a detailed analysis, it became clear that their content, including testimonials and marketing materials, was borrowed from legitimate sites without significant changes. All four companies were recently shut down by U.S. authorities and their domains confiscated.
In addition, SentinelLabs found links to other active front companies, including those registered in China, such as Shenyang Huguo Technology Ltd. This company used the same methods of spoofing websites, copying content from the websites of Indian IT companies. A connection with individuals who registered many other companies, including in the restaurant sector, was also revealed, which can serve as a cover for illegal activities.
North Korea's tactics demonstrate a high degree of adaptability, allowing the global digital economy to be effectively used for its needs. These activities pose significant risks to companies, including intellectual property leaks, malware injections, and legal violations. To prevent such threats, businesses are advised to carefully check potential contractors and partners, strengthening control over the supply chain.
The SentinelLabs study highlights the importance of awareness and a comprehensive approach to combating such schemes in order to prevent their further development and protect global markets.
Source