North Korean IT Contractor Fraud

Uploaded on 2024-08-20 in BUSINESS-Services-IT & Telecoms, FREE TO VIEW, INTELLIGENCE-Hot Spots-North Korea, NEWS-Cybersecurity News

The United States Department of Justice has revealed details of the successful dismantling of a laptop farm that was generating revenue for illicit North Korean weapons programs. A US citizen, Matthew Knoot, was responsible for managing laptop farm that generated hundreds of thousands of dollars to fund North Korea’s illicit weapons program.

Knoot, helped North Korean IT workers to get hired by US and British companies under false identities. 

The companies would send their laptops to the fake employees after being hired to work remotely, allowing Knoot to  install unauthorised remote access software to allow North Korean IT workers to log on from locations in China, while appearing to be working from locations in the US.

The US Justice Dept. indictment details a complex operation where Knoot allegedly used stolen identities to obtain remote work for North Korean nationals, who were pretending to be US citizens. These workers, based abroad, gained six-figure salaries which were laundered through international transfers to disguise their origins. 

Working with others, Knoot enabled these schemes through the use of unauthorised software installations on company-provided laptops. While the work was completed on US-based computers, Knoot and his co-conspirators earned a percentage of the salary, with the rest sent abroad. 

Knoot faces multiple charges, including conspiracy to damage protected computers and money laundering, carrying a maximum potential sentence of 20 years in prison if convicted.

North Korean-led Remote Working schemes has been a problem for both governments and the cyber security industry. Last month, security awareness training company KnowBe4 said that it had found and fired a newly hired software engineer on its internal IT team after the company realised it was actually a person controlled by a North Korean threat actor.

US Dept of Justice   |    Reuters   |    Williamson County Source   |    DL News   |     Cyberscoop   |     Inc   |   

 Cyber Daily  

Image: Ideogram

You Might Also Read: 

Most Wanted - North Korean Hackers:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Quantum Computing Security Could Solve The Data Sovereignty Challenge
APT42: Iranian Hackers At Work »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

Steptoe & Johnson

Steptoe & Johnson

Steptoe is an international law firm with offices in the USA, Europe and China. Practice areas include Cybersecurity, Privacy & National Security.

Upstream Security

Upstream Security

Upstream Security is the first cloud-based cyber-security solution that protects the technologies and applications of connected and autonomous vehicles.

Arcanum Information Security (AIS)

Arcanum Information Security (AIS)

Arcanum Information Security is a specialist Information Assurance Consultancy and a leading provider of Cyber Security services to UK Defence, UK Government, Enterprise businesses and SMEs.

CyPhyCon

CyPhyCon

CyPhyCon is an annual event exploring threats and solutions to cyber attacks on cyber-physical systems such as industrial control systems, Internet of Things and Industrial Internet of Things.

Global Cyber Risk (GCR)

Global Cyber Risk (GCR)

Global Cyber Risk is a technology and advisory services firm that provides first tier cybersecurity services to both large corporations and small and mid-sized businesses.

GRSi

GRSi

GRSi deliver next-generation systems engineering, cybersecurity, technology insertion and best practices-based Enterprise Operations (EOps) management.

Beyond Encryption

Beyond Encryption

Mailock by Beyond Encryption is a secure email solution that allows businesses to exchange email securely, safe in the knowledge that their email can only be read by their intended recipient.

Apex Systems

Apex Systems

Apex Systems is a world-class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions.

Netox

Netox

Netox is a comprehensive IT service provider that combines IT support services, IT solutions and specialist services; specializing in cybersecurity solutions.

One82

One82

Serving emerging small and medium-sized businesses in California and neighboring regions for over 20 years, One82 has established itself as the most dependable provider of IT support services.

6WIND

6WIND

6WIND deliver virtualized, cloud-native, distributed high performance & secure networking software solutions to support new applications such as 5G, IoT, SD-WAN.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

Blackwire Labs

Blackwire Labs

Blackwire.ai is the first multidisciplinary cybersecurity advisor, powered by AI and trained by cybersecurity experts to enhance your team's capabilities and improve resilience.

CyberRey

CyberRey

CyberRey is a leading distributor of comprehensive cybersecurity solutions, empowering organizations of all sizes to thrive in the digital age.

Cyvore Security

Cyvore Security

Cyvore combines cutting-edge AI, machine learning, and behavioral analytics to detect, investigate, and neutralize threats before they compromise your organization.