lazarusholic

DPRK IT Workers | A Network of Active Front Companies and Their Links to China

2024-11-20, SentinelOne
https://www.sentinelone.com/labs/dprk-it-workers-a-network-of-active-front-companies-and-their-links-to-china/
#ITWorker

Contents

Executive Summary

- SentinelLabs has identified unique characteristics of multiple websites, now seized by the US Government, associated with the DPRK IT Worker front companies.
- We assess with high confidence that DPRK actors seek to impersonate US-based software and technology consulting businesses by copying the online brands of legitimate organizations, seeking to use these for financial objectives.
- SentinelLabs has linked the activity to several active front companies and has linked these with high confidence to a larger set of organizations being created in China.
- Our findings link additional companies, which remain active today, to the DPRK IT Workers scheme.

Background

North Korea operates a global network of IT workers, both as individuals and under front companies, to evade sanctions and generate revenue for the regime. These workers are highly skilled in areas like software development, mobile applications, blockchain, and cryptocurrency technologies. By posing as professionals from other countries using fake identities and forged …

IoC
