North Korean websites allegedly impersonate US companies, the FBI claims

admin

[ad_1]

The FBI seized multiple websites that North Korean operatives impersonating legitimate American and Indian companies in a likely attempt to collect money for the nuclear-armed North Korean regime, according to statements on websites and security researchers who have investigated the activity.

All four websites identified by cybersecurity firm SentinelOne as North Korean fronts today had a statement in English and Korean saying they were seized under a warrant issued by the U.S. District Court in Massachusetts as part of a “coordinated enforcement action law” against North Korea by the Korean government.

SentinelOne researchers traced the fraudulent companies to a larger set of organizations based in China.

The FBI’s seizure has hampered North Korea’s efforts to finance it. (KCNA/Reuters/File via CNN Newsource)

Finding and preventing these rogue companies is a huge national security challenge that the Biden administration tried to tackle and that the Trump administration will inherit.

About half of North Korea’s missile program is funded by cyberattacks and the theft of cryptocurrencies, a White House official said last year.

Front companies mimicked the websites of several US software and consulting companies and encouraged potential clients to get in touch, according to SentinelOne analysis.

CNN has reached out to the FBI for comment.

A statement by the FBI and other US law enforcement agencies about the seized websites directs visitors to a 2022 warning from US officials that North Korea used thousands of IT workers abroad to secretly raise money for the regime.

A CNN investigation that year revealed that North Korean operatives were aggressively trying to infiltrate American cryptocurrency and other technology companies by posing as members of other nationalities.

An American businessman told CNN that, according to the FBI, his company unknowingly sent tens of thousands of dollars to the North Korean government.

In some cases, the North Koreans may be getting help from the Americans.

About half of North Korea’s missile program is funded by cyberattacks and cryptocurrency theft. (AP)

U.S. federal prosecutors in May charged an Arizona woman with participating in an elaborate fraud scheme to help foreign IT workers pose as Americans, land jobs at major U.S. companies and generate $6.8 million in income that could be used Pyongyang.

“These fake companies and websites are just the tip of the iceberg,” Tom Hegel, chief threat researcher at SentinelOne, told CNN today of the new findings.

“What we have uncovered represents a fragment of a much larger, deeply rooted operation designed to remain hidden in plain sight.”

Hegel and his colleague Dakota Cary uncovered some of the shell company’s activities at an address in Liaoning, a Chinese province bordering North Korea.

It is not the first time that researchers have tracked the operations of North Korean IT workers in northeastern China.

In April, CNN reported on a North Korean computer server that contained illustrations that appeared to be produced for American animation studios.

Logs from a North Korean computer server showed multiple visits from Internet connections in northeast China.

[ad_2]

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *