US confiscates domains used by North Korea to circumvent sanctions

[Carding 4 Carders]

North Korea's IT specialists used fraudulent schemes to finance the country's ballistic missile program.

US authorities have seized 17 domain names controlled by North Korean IT professionals. It is alleged that the domains were used in a large-scale fraudulent project to enrich, circumvent international sanctions and finance the DPRK's ballistic program.

The country's Justice Department also seized funds in the amount of about $ 1.5 million earned from October 2022 to January 2023 as a result of these activities. Court documents say that IT professionals were tricked into working for companies in the United States and other countries, while hiding their real identities.

According to the agency, the seized domains were disguised as real IT companies from the United States in order to hide the real data of Korean specialists. In fact, these employees were associated with the Chinese company Yanbian Silverstar and the Russian company Volasys Silver Star, which were sanctioned in 2018.

The list of confiscated domains includes:

• silverstarchina[.]com
• edenprogram[.]com
• xinlusoft[.]com
• foxvsun[.]com
• foxysunstudio[.]com
• foxysunstudios[.]com
• cloudbluefox[.]com
• cloudfoxhub[.]com
• mycloudfox[.]com
• thefoxcloud[.]com
• thefoxesgroup[.]com
• babyboxtech[.]com
• cloudfox[.]cloud
• danielliu[.]info
• jinyang[.]asia
• jinyang[.]services
• ktsolution[.]tech

In addition, the US and South Korean authorities recommend that companies exercise caution when hiring IT freelancers, as any of them may turn out to be an agent from North Korea. It is reported that such specialists work in the interests of Kim Jong-un: they are embedded in foreign companies, helping special services steal important information and distribute malware, including spyware.