According to the US Government, North Korean IT workers are flooding the freelance market. It\u2019s illegal for US businesses to employ them, but, what if they have no idea they\u2019re doing it? In this new remote work world we\u2019re living in, it\u2019s completely possible. The North Korean workers are targeting all kinds of technology-focused businesses, but of course, the CNN report on the matter focused on cryptocurrency firms.<\/p>\n
\u201cIt\u2019s an elaborate money-making scheme that relies on front companies, contractors and deception to prey on a volatile industry that is always on the hunt for top talent. North Korean tech workers can earn more than $300,000 annually \u2014 hundreds of times the average income of a North Korean citizen \u2014 and up to 90% of their wages go to the regime, according to the US advisory.\u201d<\/p>\n
In contrast, this is what the US Government actually published:\u00a0<\/p>\n
\u201cThe DPRK dispatches thousands of highly skilled IT workers around the world to generate revenue that contributes to its weapons of mass destruction (WMD) and ballistic missile programs, in violation of U.S. and UN sanctions. These IT workers take advantage of existing demands for specific IT skills, such as software and mobile application development, to obtain freelance employment contracts from clients around the world, including in North America, Europe, and East Asia.\u201d<\/p>\n
It\u2019s worth noting that the document doesn\u2019t mention \u201ccrypto\u201d or \u201cbitcoin,\u201d but let\u2019s read what mainstream media has to say.<\/p>\n
How Does CNN Relate North Korean IT Workers To Crypto?\u00a0\u00a0<\/p>\n
The plan is simple, to associate this new development with the numerous crypto-related hacks that NewsBTC has timely reported on:\u00a0<\/p>\n
\u201cNorth Korean government-backed hackers have stolen the equivalent of billions of dollars in recent years by raiding cryptocurrency exchanges, according to the United Nations. In some cases, they\u2019ve been able to nab hundreds of millions of dollars in a single heist, the FBI and private investigators say.\u201d<\/p>\n
To establish authority, CNN also quotes US Government-related individuals, like \u201cSoo Kim, a former North Korea analyst at the CIA.\u201d She said, \u201c(The North Koreans) take this very seriously. It\u2019s not just some rando in his basement trying to mine cryptocurrency it\u2019s a way of life.\u201d Is she talking about the hackers or the job hunters, though? \u201cEven though the tradecraft is not perfect right now, in terms of their ways of approaching foreigners and preying upon their vulnerabilities, it\u2019s still a fresh market for North Korea,\u201d she said later, apparently talking about the job hunters.<\/p>\n
Another authority figure CNN features is \u201cFred Plan, principal analyst at cybersecurity firm Mandiant, which investigated suspected North Korean tech workers\u201d. He says, \u201cMost of these crypto firms and services are still a long way off from the security posture that we see with traditional banks and other financial institutions\u201d. He\u2019s right about that, but, what does that have to do with freelancers looking for jobs in IT?<\/p>\n\n
ETH price chart for 07\/12\/2022 on FTX | Source: ETH\/USD on TradingView.com
\nWhat About Those Hacks That Everyone Keeps Talking About?<\/p>\n
The only authority figure that relates the IT workers to North Korean hackers is \u201cNick Carlsen, who until last year was an FBI intelligence analyst focused on North Korea.\u201d What this man says might be the most important part of the article. \u201cThese guys know each other. Even if a particular IT worker isn\u2019t a hacker, he absolutely knows one. Any vulnerability they might identify in a client\u2019s systems would be at grave risk.\u201d<\/p>\n
The CNN article keeps it as vague as possible regarding the hacks:<\/p>\n
\u201cPyongyang-linked hackers in March stole what was then the equivalent of $600 million in cryptocurrency from a Vietnam-based video gaming company, according to the FBI. And North Korean hackers were likely behind a $100 million heist at a California-based cryptocurrency firm, according to blockchain analysis firm Elliptic.\u201d<\/p>\n
Luckily for you, NewsBTC is here to help.<\/p>\n
What Does NewsBTC Know About The North Korean Hackers?<\/p>\n
The first item seems to refer to the Axie Infinity\/ Ronin hack. About that one, we reported:<\/p>\n
\u201cThe alphabet agency traced the funds to wallets associated with North Korean hacking group Lazarus. Does The Block\u2019s article complete or negate this version of the story? It\u2019s hard to see North Koreans pulling a stunt quite like this.<\/p>\n
In any case, at the time the FBI was extremely clear in a statement quoted here:\u00a0<\/p>\n
\u201cThrough our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29th.\u201d<\/p>\n
If the IT remote workers\u2019 story is true, we were wrong by saying, \u201cIt\u2019s hard to see North Koreans pulling a stunt quite like this.\u201d The second item seems to refer to the Harmony hack, and to describe that one we\u2019ll quote our sister site Bitcoinist, who reported:<\/p>\n
\u201cThe United States government believes that Lazarus was acting on behalf of North Korea\u2019s covert intelligence service. Elliptic, a blockchain analytics company, disclosed in a report that: \u201cThe theft was achieved by compromising the cryptographic keys of a multi-signature wallet \u2014 most likely through a social engineering attack on members of the Harmony team. The Lazarus Group has routinely employed such methods.\u201d<\/p>\n
And that\u2019s what we know so far. Are the North Korean IT workers related to the hackers? Probably so, but, the US Government didn\u2019t even mention cryptocurrencies or bitcoin in their \u201cGuidance on the Democratic People\u2019s Republic of Korea information technology workers.\u201d<\/p>\n
Featured Image taken from this post | Charts by TradingView<\/p>","protected":false},"excerpt":{"rendered":"
<\/p>\n
According to the US Government, North Korean IT workers are flooding the freelance market. It\u2019s illegal for US businesses to employ them, but, what if they have no idea they\u2019re doing it? In this new remote work world we\u2019re living in, it\u2019s completely possible. The North Korean workers are targeting all kinds of technology-focused businesses, but of course, the CNN report on the matter focused on cryptocurrency firms.<\/p>\n
\u201cIt\u2019s an elaborate money-making scheme that relies on front companies, contractors and deception to prey on a volatile industry that is always on the hunt for top talent. North Korean tech workers can earn more than $300,000 annually \u2014 hundreds of times the average income of a North Korean citizen \u2014 and up to 90% of their wages go to the regime, according to the US advisory.\u201d<\/p>\n
In contrast, this is what the US Government actually published:\u00a0<\/p>\n
\u201cThe DPRK dispatches thousands of highly skilled IT workers around the world to generate revenue that contributes to its weapons of mass destruction (WMD) and ballistic missile programs, in violation of U.S. and UN sanctions. These IT workers take advantage of existing demands for specific IT skills, such as software and mobile application development, to obtain freelance employment contracts from clients around the world, including in North America, Europe, and East Asia.\u201d<\/p>\n
It\u2019s worth noting that the document doesn\u2019t mention \u201ccrypto\u201d or \u201cbitcoin,\u201d but let\u2019s read what mainstream media has to say.<\/p>\n
How Does CNN Relate North Korean IT Workers To Crypto?\u00a0\u00a0<\/p>\n
The plan is simple, to associate this new development with the numerous crypto-related hacks that NewsBTC has timely reported on:\u00a0<\/p>\n
\u201cNorth Korean government-backed hackers have stolen the equivalent of billions of dollars in recent years by raiding cryptocurrency exchanges, according to the United Nations. In some cases, they\u2019ve been able to nab hundreds of millions of dollars in a single heist, the FBI and private investigators say.\u201d<\/p>\n
To establish authority, CNN also quotes US Government-related individuals, like \u201cSoo Kim, a former North Korea analyst at the CIA.\u201d She said, \u201c(The North Koreans) take this very seriously. It\u2019s not just some rando in his basement trying to mine cryptocurrency it\u2019s a way of life.\u201d Is she talking about the hackers or the job hunters, though? \u201cEven though the tradecraft is not perfect right now, in terms of their ways of approaching foreigners and preying upon their vulnerabilities, it\u2019s still a fresh market for North Korea,\u201d she said later, apparently talking about the job hunters.<\/p>\n
Another authority figure CNN features is \u201cFred Plan, principal analyst at cybersecurity firm Mandiant, which investigated suspected North Korean tech workers\u201d. He says, \u201cMost of these crypto firms and services are still a long way off from the security posture that we see with traditional banks and other financial institutions\u201d. He\u2019s right about that, but, what does that have to do with freelancers looking for jobs in IT?<\/p>\n
ETH price chart for 07\/12\/2022 on FTX | Source: ETH\/USD on TradingView.com
\nWhat About Those Hacks That Everyone Keeps Talking About?<\/p>\n
The only authority figure that relates the IT workers to North Korean hackers is \u201cNick Carlsen, who until last year was an FBI intelligence analyst focused on North Korea.\u201d What this man says might be the most important part of the article. \u201cThese guys know each other. Even if a particular IT worker isn\u2019t a hacker, he absolutely knows one. Any vulnerability they might identify in a client\u2019s systems would be at grave risk.\u201d<\/p>\n
The CNN article keeps it as vague as possible regarding the hacks:<\/p>\n
\u201cPyongyang-linked hackers in March stole what was then the equivalent of $600 million in cryptocurrency from a Vietnam-based video gaming company, according to the FBI. And North Korean hackers were likely behind a $100 million heist at a California-based cryptocurrency firm, according to blockchain analysis firm Elliptic.\u201d<\/p>\n
Luckily for you, NewsBTC is here to help.<\/p>\n
What Does NewsBTC Know About The North Korean Hackers?<\/p>\n
The first item seems to refer to the Axie Infinity\/ Ronin hack. About that one, we reported:<\/p>\n
\u201cThe alphabet agency traced the funds to wallets associated with North Korean hacking group Lazarus. Does The Block\u2019s article complete or negate this version of the story? It\u2019s hard to see North Koreans pulling a stunt quite like this.<\/p>\n
In any case, at the time the FBI was extremely clear in a statement quoted here:\u00a0<\/p>\n
\u201cThrough our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29th.\u201d<\/p>\n
If the IT remote workers\u2019 story is true, we were wrong by saying, \u201cIt\u2019s hard to see North Koreans pulling a stunt quite like this.\u201d The second item seems to refer to the Harmony hack, and to describe that one we\u2019ll quote our sister site Bitcoinist, who reported:<\/p>\n
\u201cThe United States government believes that Lazarus was acting on behalf of North Korea\u2019s covert intelligence service. Elliptic, a blockchain analytics company, disclosed in a report that: \u201cThe theft was achieved by compromising the cryptographic keys of a multi-signature wallet \u2014 most likely through a social engineering attack on members of the Harmony team. The Lazarus Group has routinely employed such methods.\u201d<\/p>\n
And that\u2019s what we know so far. Are the North Korean IT workers related to the hackers? Probably so, but, the US Government didn\u2019t even mention cryptocurrencies or bitcoin in their \u201cGuidance on the Democratic People\u2019s Republic of Korea information technology workers.\u201d<\/p>\n
Featured Image taken from this post | Charts by TradingView<\/p>\n
<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[82],"tags":[],"class_list":["post-3214","post","type-post","status-publish","format-standard","hentry","category-blockchain"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/posts\/3214","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/comments?post=3214"}],"version-history":[{"count":0,"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/posts\/3214\/revisions"}],"wp:attachment":[{"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/media?parent=3214"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/categories?post=3214"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/cryptocornercafe.com\/cafe\/wp-json\/wp\/v2\/tags?post=3214"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}