Source: go.theregister.com – Author: Team Register
When businesses go shopping for IT services, North Korea-controlled companies probably struggle to make it into many lists.
Their prospects of picking up your work have receded further, after the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) made it illegal to do business with one: Chinyong Information Technology Cooperation Company, aka Jinyong IT Cooperation Company.
Treasury asserted the outsourcer “employs delegations of DPRK IT workers that operate in Russia and Laos.”
The department stated that North Korea “generates significant revenue through the deployment of IT workers who fraudulently obtain employment with companies around the world, including in the technology and virtual currency industries.”
Treasury believes North Korea has thousands of such staff on the books – most working in Russia or China and sending their pay packets home to the Democratic People’s Republic of Korea (DPRK) so it can build weapons of mass destruction and missiles.
“In some cases, DPRK IT workers can each earn more than $300,000 per year,” Treasury stated. “These workers deliberately obfuscate their identities, locations, and nationalities, typically using fake personas, proxy accounts, stolen identities, and falsified or forged documentation to apply for jobs at these companies.”
“They target employers located in wealthier countries, utilizing a variety of mainstream and industry-specific freelance contracting, payment, and social media and networking platforms. Applications and software developed by DPRK IT workers span a range of fields and sectors, including business, health and fitness, social networking, sports, entertainment, and lifestyle.”
Work on virtual currency projects is a favorite, and DPRK techies then “use virtual currency exchanges and trading platforms to manage digital payments they receive for contract work as well as to launder these illicitly obtained funds back to the DPRK.”
OFAC has tried to stop this scheme with a ban on Chinyong. The firm has been designated an agency, instrumentality, or controlled entity of the Government of North Korea or the Workers’ Party of Korea under an executive order [PDF] issued by president Obama in 2015 that bans any dealings with named entities.
- DoJ, Treasury accuses 3 men of laundering crypto for North Korea
- North Korea shows off surveillance satellite it claims it can launch
- FBI warns of North Korean cyberspies posing as foreign IT workers
- Ethereum dev admits helping North Korea mine crypto-bucks, faces 20 years jail
Entities like Chinyong occasionally help out with North Korea’s malicious cyber activities, but the pariah state also operates outfits dedicated to that task.
Treasury just banned three of those, too.
Pyongyang University of Automation, described as “one of the DPRK’s premier cyber instruction institutions … responsible for training malicious cyber actors” has been added to the US’s Thou Shalt Not Deal With list.
So has the Technical Reconnaissance Bureau, which Treasury believes “leads the DPRK’s development of offensive cyber tactics and tools and operates several departments, including those affiliated with the Lazarus Group.” It’s now a non-entity under US law. So is its subordinate cyber unit, the 110th Research Center, which is accused of attacks on South Korea.
You were probably never going to do business with these entities – at least not intentionally. Now, though, doing so would put you on the wrong side of US law, so it’s important to be even more vigilant when considering offshore freelancers. ®
Original Post URL: https://go.theregister.com/feed/www.theregister.com/2023/05/24/treasury_bans_more_dprk_techies/
Category & Tags: –