FBI closes websites that used North Koreans for company imitation

Von WOM

The FBI has confiscated several websites that were used by North Korean operational to vary as legitimate US and Indian companies. This step apparently happened to procure money for the Nuclear weapons, which is equipped with nuclear weapons, such statements on the websites and security researchers who examined the activities.

The confiscation of the websites

All four of the Cybersecurity company Sentinelone as North Korean camouflage companies identified had an explanation in English and Korean, which said they were confiscated as part of an arrest warrant of the US district court of Massachusetts. This is part of a “coordinated assumption” against the North Korean government. The researchers of Sentinelone were able to assign the camouflage companies to a larger group of organizations based in China.

The challenge for national security

The tracking and eliminating of these fake companies is a major challenge for national security that tries to tackle bidel administration and which will inherit the Trump administration. It is estimated that about half of North Koreas rocket program through cyber attacks and cryptocurrency theft, like an official of the white house last year reported.

intentional deception through fake websites

The camouflage companies are aware of the websites of several US software and consulting companies and asked potential customers to contact contact, as the analysis of Sentinelone shows. The FBI did not want to comment on the case.

Reference to previous warnings

The explanation of the FBI and other US criminal prosecution authorities on the confiscated websites refers to a warning from 2022, in which US officials emphasized that North Korea sets thousands of IT workers abroad to collect money for the regime.

studies and attempts at infiltration

An investigation of CNN from that year showed that North Korean operational attempted to penetrate US cryptocurrency and other technology companies by exposed themselves as people of other nationalities. An American entrepreneur reported CNN that his company unknowingly transferred tens of thousands of dollars to the North Korean government.

international cooperation in fraud cases

In some cases, it could be that North Koreans receive support from Americans. In May, US public prosecutors accused a woman from Arizona in a sophisticated fraud scheme that enabled foreign IT workers to be outstanding as an American and being employed at large US companies. This led to income of $ 6.8 million that could benefit Pyongyang.

insight into a deeper operation

"These camouflage companies and websites are only the tip of the iceberg," said Tom Hegel, senior threat researcher at Sentinelone, to CNN. "What we have uncovered is only a fraction of a much more comprehensive and deeply rooted operation that aims to act in hidden."

tracing of the activities to China

Hegel and his colleague Dakota Cary were able to trace some activities of the camouflage companies to an address in Liaoning, the Chinese province, which borders on North Korea. This is not the first time that researchers trace North Korean IT worker operations back to Northeast China. In April, CNN reported on a North Korean computer server that contained illustrations that were apparently produced for US animation studios. Protocols of the server showed numerous access of internet connections in northeast china.