US warns over risk of hiring North Korea IT workers
The US has warned that IT workers from North Korea are trying to get remote working jobs by hiding their true identities for the purpose of stealing money for Pyongyang.
Many of them pretend to be from other parts of Asia, according to three US government agencies.
They are allegedly helping to fund North Korea’s weapons programmes, in violation of international sanctions.
The country has conducted several missile tests in recent months.
In March, North Korea tested a banned intercontinental ballistic missile for the first time since 2017.
“The DPRK [North Korea] dispatches thousands of highly skilled IT workers around the world to generate revenue that contributes to its weapons of mass destruction and ballistic missile programmes, in violation of US and UN sanctions,” the US State Department, US Treasury Department and the Federal Bureau of Investigation said in a joint statement on Monday.
The statement said the workers are located in North Korea and other countries, primarily China and Russia. A smaller number are said to be based in Africa and South East Asia.
“These IT workers take advantage of existing demands for specific IT skills, such as software and mobile application development, to obtain freelance employment contracts from clients around the world, including in North America, Europe, and East Asia,” it said.
“Although DPRK IT workers normally engage in IT work distinct from malicious cyber activity, they have used the privileged access gained as contractors to enable the DPRK’s malicious cyber intrusions,” the statement added.
It also said companies that hire North Korean workers could face legal penalties for violating sanctions.
Last month, the US linked North Korea-backed hackers to a massive cryptocurrency heist worth $615m (£498.4m) from players of the popular online game Axie Infinity.
Also in April, a former US researcher at a cryptocurrency group was sentenced to more than five years in prison for conspiring to help North Korea evade US sanctions.
Virgil Griffith formerly worked for the Ethereum Foundation, a non-profit organisation focused on the technology behind the cryptocurrency ether.
He had pleaded guilty to conspiring to violate the US International Emergency Economic Powers Act by travelling to North Korea’s capital Pyongyang to give a presentation on blockchain technology.
The Ethereum Foundation said at the time of Griffith’s arrest that it had not approved or supported his travel to North Korea.