Tag: north-korea
-
North Korean hackers ran US-based “laptop farm” from Arizona woman’s home
North Korea made millions from the scheme. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/north-korean-hackers-ran-us-based-laptop-farm-from-arizona-womans-home/
-
North Korea’s IT Worker Rampage Continues Amid DoJ Action
Arrests and indictments keep coming, but the North Korean fake IT worker scheme is only snowballing, and businesses can’t afford to assume their applicant-screening processes are up to the task of weeding the imposters out. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/north-korea-it-worker-rampage-doj
-
Treasury sanctions North Koreans involved in IT-worker schemes
Tags: north-koreaAuthorities also charged several of the indicted people with attempting to evade U.S. sanctions on North Korea. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korea-remote-it-worker-sanctions/754087/
-
US offers $15 million reward for info on North Korean nationals involved in global criminal network
The announcement comes as an Arizona woman was sentenced to more than eight years in jail for her role in running a laptop farm. First seen on cyberscoop.com Jump to article: cyberscoop.com/state-department-reward-north-korea-it-worker-scheme/
-
U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned a North Korean front company and three associated individuals for their involvement in the fraudulent remote information technology (IT) worker scheme designed to generate illicit revenues for Pyongyang.The sanctions target Korea Sobaeksu Trading Company (aka Sobaeksu United Corporation), and Kim Se Un,…
-
U.S. Woman Sentenced to 8.5 Years for Role in North Korean Worker Scam
Christina Marie Chapman, an Arizona resident, was sentenced to 8.5 years in prison for her role in a wide-ranging North Korean IT worker scam that sent $17 million to the outlaw country. Chapman ran a laptop farm from her home, validated stolen U.S. identities for the scammers, and transferred money overseas to the bad actors.…
-
Arizona woman sentenced to 8.5 years for running North Korean laptop farm
Prosecutors said Chapman helped the North Korean IT workers obtain jobs at 309 companies, including a major television network, a car maker, a media company, a Silicon Valley technology company and more. First seen on therecord.media Jump to article: therecord.media/arizona-woman-sentenced-north-korean-laptop-farm
-
US sanctions North Korean firm, nationals behind IT worker schemes
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned three North Korean nationals and a company for supporting fraudulent IT worker schemes that generated illicit revenue for the Democratic People’s Republic of Korea (DPRK) government. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-sanctions-north-korean-firm-nationals-behind-it-worker-schemes/
-
Woman gets 8 years for aiding North Koreans infiltrate 300 US firms
Tags: north-koreaChristina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-woman-sentenced-to-8-years-in-prison-for-running-laptop-farm-helping-north-koreans-infiltrate-300-firms/
-
US Announces $15M Reward for North Korean IT Scheme Leaders
The United States government announced coordinated actions across multiple departments today, offering rewards totaling up to $15 million for information leading to the arrests and convictions of North Korean nationals involved in extensive revenue generation schemes targeting American companies and citizens. The Department of State’s Transnational Organized Crime Rewards Program is specifically targeting Sim Hyon-sop…
-
Fake-IT-Freelancer: Betreiberin von Nordkorea-Laptopfarm muss 8,5 Jahre in Haft
Tags: north-koreaSeit Jahren infiltrieren nordkoreanische ITler Unternehmen – für Geld und Informationen. Eine US-Bürgerin muss wegen ihrer Mithilfe in Haft. First seen on golem.de Jump to article: www.golem.de/news/fake-it-freelancer-betreiberin-von-nordkorea-laptopfarm-muss-8-5-jahre-in-haft-2507-198512.html
-
Fake-IT-Freelancer: Betreiberin von Nordkorea-Laptopfarm muss 8,5 Jahre in Haft
Tags: north-koreaSeit Jahren infiltrieren nordkoreanische ITler Unternehmen – für Geld und Informationen. Eine US-Bürgerin muss wegen ihrer Mithilfe in Haft. First seen on golem.de Jump to article: www.golem.de/news/fake-it-freelancer-betreiberin-von-nordkorea-laptopfarm-muss-8-5-jahre-in-haft-2507-198512.html
-
US Announces $15M Reward for North Korean IT Scheme Leaders
The United States government announced coordinated actions across multiple departments today, offering rewards totaling up to $15 million for information leading to the arrests and convictions of North Korean nationals involved in extensive revenue generation schemes targeting American companies and citizens. The Department of State’s Transnational Organized Crime Rewards Program is specifically targeting Sim Hyon-sop…
-
US hits senior North Korean officials with sanctions, $3 million bounties
Kim Se Un, Jo Kyong Hun and Myong Chol Min are accused of helping North Korea evade U.S. and United Nations sanctions through an IT worker plot that involved tricking companies into hiring North Koreans using stolen identities. First seen on therecord.media Jump to article: therecord.media/us-sanctions-north-korean-officers-it-worker-scheme
-
Laptop farmer behind $17M North Korean IT worker scam locked up for 8.5 years
Plus she has to cough up a slice of Pyongyang’s payday First seen on theregister.com Jump to article: www.theregister.com/2025/07/24/laptop_farmer_north_korean_it_scam_sentenced/
-
Cyberattacks Surging Across Indo-Pacific, Researchers Warn
Report Urges Indo-Pacific Cyber Shield Strategy Amid Increased Nation-State Threats. A Center for a New American Security study found China and North Korea are accelerating cyberattacks, influence operations and infrastructure breaches across the Indo-Pacific, as researchers urge the U.S. to help develop a regional cyber shield, and deploy forward cyber teams. First seen on govinfosecurity.com…
-
North Korean hackers blamed for record spike in crypto thefts in 2025
Chainalysis said crypto thefts during the first half of 2025 were at record levels, thanks in large part to a single breach at a major crypto exchange. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/17/north-korean-hackers-blamed-for-record-spike-in-crypto-thefts-in-2025/
-
Chainalysis: $2.17 billion in crypto stolen in first half of 2025, driven by North Korean hacks
The value of losses to crypto thefts has soared this year to more than $2 billion over the first six months, the blockchain analytics company Chainalysis found. First seen on therecord.media Jump to article: therecord.media/chainalysis-crypto-stolen-billions
-
North Korea Floods npm Registry with Malware
67 Malicious Packages, XORIndex Loader Target JavaScript Code-Sharing Platform. North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm Registry as part of the ongoing Contagious Interview campaign. The malware targets open-source JavaScript developers with malware loaders. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-floods-npm-registry-malware-a-28990
-
Wie Nordkorea Künstliche Intelligenz missbraucht – Mit Deepfakes und KI zum Jobbetrug
First seen on security-insider.de Jump to article: www.security-insider.de/nordkorea-ki-wirtschaftsspionage-erkennung-abwehr-a-2a6444996c8ff114b04d2abb2c2b7293/
-
North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-xorindex-malware-hidden-in-67-malicious-npm-packages/
-
North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORIndex Malware
Tags: attack, cyber, exploit, hacker, malicious, malware, north-korea, software, supply-chain, threatThe Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously reported, marking a major uptick in North Korean cyber operations. This activity builds on the Contagious Interview campaign previously detailed in June 2025, which involved the HexEval Loader. The adversaries,…
-
North Korean Actors Expand Contagious Interview Campaign with New Malware Loader
Socket has identified a new malware loader called XORIndex incorporated into malicious packages published to the npm registry, with over 9000 downloads so far First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-contagious-interview/
-
North Korean Hackers Exploit Zoom Invites in Attacks on Crypto Companies
Tags: attack, blockchain, crypto, cyber, cybersecurity, data-breach, exploit, hacker, jobs, malware, north-korea, phishing, spear-phishing, tactics, threatCybersecurity firm SentinelOne has exposed an ongoing malware campaign orchestrated by North Korean threat actors, known for their persistent >>fake interview
-
North Korea-linked actors spread XORIndex malware via 67 malicious npm packages
North Korea-linked hackers uploaded 67 malicious npm packages with XORIndex malware, hitting 17K+ downloads in ongoing supply chain attacks. North Korea-linked threat actors behind the Contagious Interview campaign have uploaded 67 malicious npm packages with XORIndex malware loader, hitting over 17,000 downloads in ongoing supply chain attacks. XORIndex was built to evade detection and deploy…
-
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks.The packages, per Socket, have attracted more than 17,000 downloads, and incorporate a previously undocumented version of a…
-
You have a fake North Korean IT worker problem here’s how to stop it
Thick resumes with thin LinkedIn connections are one sign. Refusing an in-person interview is another First seen on theregister.com Jump to article: www.theregister.com/2025/07/13/fake_it_worker_problem/
-
Security-Insider Podcast Folge 101 – Riskante IT-Fachkräfte aus Nordkorea
Tags: north-koreaFirst seen on security-insider.de Jump to article: www.security-insider.de/security-insider-podcast-folge-101-nordkoreanische-it-fachkraefte-a-e6948e8c99c1e64e870c3170aaa65e73/
-
You have a fake North Korean IT worker problem – here’s how to stop it
Thick resumes with thin LinkedIn connections are one sign. Refusing an in-person interview is another First seen on theregister.com Jump to article: www.theregister.com/2025/07/13/fake_it_worker_problem/