DPRK IT workers used fake IDs and purchased Upwork/LinkedIn accounts for developer jobs.
PorAinvest
miércoles, 13 de agosto de 2025, 8:47 am ET1 min de lectura
UPWK--
The use of these platforms by North Korean IT workers is part of a broader strategy to circumvent sanctions and generate revenue. According to a United Nations Panel of Experts report, North Korean IT workers abroad, often in China or Southeast Asia, are generating between $250 million and $600 million per year through such activities [1].
The schemes involve the use of stolen identities, often from real US citizens, to apply for freelance contracts or remote positions. These workers pose as South Korean, Chinese, Japanese, or Eastern European, and as US-based teleworkers. They use front companies, often in China, Russia, Southeast Asia, and Africa, to mask their identities and secure jobs in Western companies [1].
Recent examples of these tactics include the conviction of Christina Chapman, who orchestrated a scheme that enabled North Korean IT workers to pose as US citizens and residents using stolen identities to obtain jobs at more than 300 US companies and two international firms. The conspiracy generated more than $17 million in illicit revenue over three years [1].
The threat is not limited to the US; it is expanding into Europe as well. Suspected DPRK workers have undertaken UK projects in areas such as web development, bot development, content management system (CMS) development, and blockchain technology [1].
To mitigate this risk, companies are urged to carry out tighter vetting of new hires, especially for remote and freelance positions. This includes verifying the authenticity of documents and backgrounds, and using advanced security tools to detect anomalies in hiring processes.
References:
[1] https://www.csoonline.com/article/4033022/how-not-to-hire-a-north-korean-it-spy-3.html
DPRK IT workers used fake IDs and purchased Upwork/LinkedIn accounts for developer jobs.
In a growing trend, North Korean IT workers are leveraging freelance platforms like Upwork and LinkedIn to infiltrate Western companies, using fake identities and purchased accounts to secure developer jobs. This tactic, part of the regime's illicit revenue generation and cyberespionage efforts, poses a significant threat to global cybersecurity.The use of these platforms by North Korean IT workers is part of a broader strategy to circumvent sanctions and generate revenue. According to a United Nations Panel of Experts report, North Korean IT workers abroad, often in China or Southeast Asia, are generating between $250 million and $600 million per year through such activities [1].
The schemes involve the use of stolen identities, often from real US citizens, to apply for freelance contracts or remote positions. These workers pose as South Korean, Chinese, Japanese, or Eastern European, and as US-based teleworkers. They use front companies, often in China, Russia, Southeast Asia, and Africa, to mask their identities and secure jobs in Western companies [1].
Recent examples of these tactics include the conviction of Christina Chapman, who orchestrated a scheme that enabled North Korean IT workers to pose as US citizens and residents using stolen identities to obtain jobs at more than 300 US companies and two international firms. The conspiracy generated more than $17 million in illicit revenue over three years [1].
The threat is not limited to the US; it is expanding into Europe as well. Suspected DPRK workers have undertaken UK projects in areas such as web development, bot development, content management system (CMS) development, and blockchain technology [1].
To mitigate this risk, companies are urged to carry out tighter vetting of new hires, especially for remote and freelance positions. This includes verifying the authenticity of documents and backgrounds, and using advanced security tools to detect anomalies in hiring processes.
References:
[1] https://www.csoonline.com/article/4033022/how-not-to-hire-a-north-korean-it-spy-3.html
Divulgación editorial y transparencia de la IA: Ainvest News utiliza tecnología avanzada de Modelos de Lenguaje Largo (LLM) para sintetizar y analizar datos de mercado en tiempo real. Para garantizar los más altos estándares de integridad, cada artículo se somete a un riguroso proceso de verificación con participación humana.
Mientras la IA asiste en el procesamiento de datos y la redacción inicial, un miembro editorial profesional de Ainvest revisa, verifica y aprueba de forma independiente todo el contenido para garantizar su precisión y cumplimiento con los estándares editoriales de Ainvest Fintech Inc. Esta supervisión humana está diseñada para mitigar las alucinaciones de la IA y garantizar el contexto financiero.
Advertencia sobre inversiones: Este contenido se proporciona únicamente con fines informativos y no constituye asesoramiento profesional de inversión, legal o financiero. Los mercados conllevan riesgos inherentes. Se recomienda a los usuarios que realicen una investigación independiente o consulten a un asesor financiero certificado antes de tomar cualquier decisión. Ainvest Fintech Inc. se exime de toda responsabilidad por las acciones tomadas con base en esta información. ¿Encontró un error? Reportar un problema
SOBRE NOSOTROS
Nuestra historiaAutores de noticiasBase de conocimientosPolítica de privacidadTérmino de usoDescargo de responsabilidad de corretaje de tercerosTérminos de uso de AIMEDivulgaciones de riesgos de AInvest AICarrerasCONTÁCTENOS
Email: support@ainvest.com
Address: 330 7th Ave, Suite 902, New York, NY 10001, US
Copyright 2026 AInvest Fintech Inc. All rights reserved.
Comentarios
Aún no hay comentarios