Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams The US Justice Department revealed the identity theft number along with one arrest and a crackdown on “laptop farms” that allegedly facilitate North Korean tech worker impersonators across the US.

www.wired.com/story/identi...

I tried to hire a North Korean scammer YouTube video by Christophe

www.youtube.com/watch?v=Y7x0...

Look at this nifty DPRK org chart that cybersecurity company DTEX produced.

i³ Threat Advisory: Inside the DPRK: Spotting Malicious Remote IT Applicants - DTEX Systems DTEX has identified several new behavioral indicators tied to the DPRK worker scheme. Our latest Insider Threat Advisory has the details.

www.dtexsystems.com/resources/i3...

North Korean IT Workers Are Being Exposed on a Massive Scale Security researchers are publishing 1,000 email addresses they claim are linked to North Korean IT worker scams that infiltrated Western companies—along with photos of men allegedly involved in the sc...

www.wired.com/story/north-...

reports.dtexsystems.com/DTEX-Exposin...

Many many folks in this effort over the years. Thankful for everyone and hope its of use.

Additionally QR codes as a phishing vector are in use by the group. A tactic that I feel may be a lil too techy for the clientele they seem to love picking on. Whether embedded in a doc or inline in the email, they seem to be testing this idea.

In typical fashion their immediate concern for the APT is to get them off of the main channels, opting for side chats or excuses like "I have issues with email and service in the building, can reach me on Whatsapp" etc.

APT43 activity with multiple European embassies being spoofed and likely targeted. Rapport building themes and lures center around DPRK Human Rights and reactions to DPRKs official stance on NK troops in Russia cc @jennytown.bsky.social @elias.foxhold.net @garyfreasbysm.bsky.social

Your Favorite New Coworker Is an AI-Enhanced Operative From North Korea For years, North Korea has been secretly placing young IT workers inside Western companies. With AI, their schemes are now more devious—and effective—than ever.

Great and entertaining article by @wired.com
www.wired.com/story/north-...

N. Korea launches AI tech venture with Chinese firm to bypass sanctions - Daily NK English North Korea has partnered with a Chinese IT company in Shenyang to establish a startup focused on AI security technology development.

www.dailynk.com/english/nort...

Psssst if your CTI vendor assessed "Lazarus group" as a priority threat actor for you, it's time to get a new CTI vendor.

Kim Chaek Uni of Tech. DPRK IT Workers supplying money to sanctioned Ryonbong. Client countries: US,UK, JP, UA, CN, BR.

Cha Gang Song
JangMyongSong
KimMunSong
Li Song Ryong
Mun Ri Yong
Kim Su Jin
Choe Song Guk
Paek Myong Ho
Paek Choe Hyon
Pyo Se Il
Cha Gang Song
home.treasury.gov/news/press-r...

Maryland Man Pleads Guilty to Conspiracy to Commit Wire Fraud Minh Phuong Ngoc Vong, 40, of Bowie, Maryland, pleaded guilty today to conspiracy to commit wire fraud in connection with a scheme whereby he conspired with unknown individuals, including John Doe, al...

@nicastronaut.bsky.social better come get ya boy lol
www.justice.gov/opa/pr/maryl...

Much like their APT45 homies at times, DPRK ITW searching out regime priorities. Our goon's collect, Keygen, after analysis shows in 2024. Drone-UAV-Defense-Countermeasure Intelligence with ties to a certain DPRK College. 👀

North Korean threat groups right now

Meet the “Kyles” — North Korea’s secret IT warriors Podcast Episode · Click Here · 03/04/2025 · 24m

podcasts.apple.com/us/podcast/c...