Inside the Scam: North Korea’s IT Worker Threat
Contents
Inside the Scam: North Korea’s IT Worker Threat
Posted: 13th February 2025
By: Insikt Group®
Inside the Scam: North Korea’s IT Worker Threat
Live Demo: Mitigate Emerging Threats
Live Demo: Mitigate Emerging Threats with Intelligence
See how Recorded Future’s Threat Intelligence helps prioritize and mitigate threats with real-world examples and actionable insights.
Book Your Demo Today
insikt_group_logo
Executive Summary
In an era in which remote work has become the norm, North Korea has seized the opportunity to manipulate hiring processes, using fraudulent information technology (IT) employment to generate revenue for the regime. North Korean IT workers infiltrate international companies and secure remote positions under false identities. These operatives not only violate international sanctions but also pose severe cybersecurity threats, engaging in fraud and data theft and potentially disrupting business operations.
Beyond financial fraud, these IT workers have been linked to cyber espionage. Insikt Group tracks PurpleBravo (formerly Threat Activity Group 120 [TAG-120]), a North Korean-linked cluster that overlaps with the “Contagious …
Posted: 13th February 2025
By: Insikt Group®
Inside the Scam: North Korea’s IT Worker Threat
Live Demo: Mitigate Emerging Threats
Live Demo: Mitigate Emerging Threats with Intelligence
See how Recorded Future’s Threat Intelligence helps prioritize and mitigate threats with real-world examples and actionable insights.
Book Your Demo Today
insikt_group_logo
Executive Summary
In an era in which remote work has become the norm, North Korea has seized the opportunity to manipulate hiring processes, using fraudulent information technology (IT) employment to generate revenue for the regime. North Korean IT workers infiltrate international companies and secure remote positions under false identities. These operatives not only violate international sanctions but also pose severe cybersecurity threats, engaging in fraud and data theft and potentially disrupting business operations.
Beyond financial fraud, these IT workers have been linked to cyber espionage. Insikt Group tracks PurpleBravo (formerly Threat Activity Group 120 [TAG-120]), a North Korean-linked cluster that overlaps with the “Contagious …