For years, cybersecurity threats such as hacking and identity theft have compromised companies and organizations as well as personal accounts. And many governments are pointing to North Korea as a possible location for these hackers, who have caused billions of dollars in damage to the global economy.
Now, a report from Cyberwarcon, a cybersecurity conference held in Washington, D.C., has confirmed these claims and revealed the continued efforts of North Korean hackers to undermine businesses.
Microsoft (MS) researcher James Elliott revealed that North Korean ‘IT workers’ have infiltrated hundreds of companies around the world through impersonation.
Hackers secretly collaborate with North Korea to infiltrate organizations
According to experts, corporate recruiters, venture capitalists, and IT workers are typical occupations for North Korean hackers. Security experts at Cyberwarcon have revealed a growing number of cybersecurity breaches that highlight the havoc caused by cybersecurity threats. During the meeting, experts provided an updated assessment of the threat posed by hackers to global security.
North Korean Hackers Steal Billions of Dollars in Cryptocurrency by Posing as VCs, Recruiters, and IT Employees https://t.co/5mQwES2eqq
— TechCrunch (@TechCrunch) November 28, 2024
Experts say North Korea is continuing its efforts to undermine companies by allowing hackers to pose as prospective employees. The hackers’ main goal was to make money for the North Korean government and steal information that could help build North Korea’s weapons program.
The group is also responsible for the recent surge in multibillion-dollar cryptocurrency hacks. As sanctions have already been imposed, North Korea’s efforts are becoming more and more bold.
North Korea and hacking groups
Experts say several hacker groups are working with the North Korean government. According to Microsoft, one of these groups is “Ruby Sleet,” which has infiltrated defense and aerospace companies to steal industrial information that could help the reclusive nation develop navigation and weapons systems.
Cryptocurrencies today hit a total market cap of $3.29 trillion. Chart: TradingView.com
And there is ‘Sapphire Sleet’, who calls himself a human resources manager and venture capitalist. The group worked to steal cryptocurrency from businesses and individuals. According to the investigation, the hackers contacted the targets and set up virtual meetings. However, these virtual meetings are not designed to load correctly.
In this setup, hackers convince unsuspecting targets to download malware and present it as a troubleshooting tool. During the fake recruitment process, hackers ask applicants to download a skills assessment test that contains malware.
Image: Alamy
Microsoft warns about hackers from NoKor
At the same conference, researchers warned the industry of a “triple threat.” They noted that NoKor cybercriminals can trick employees, make money off of their jobs, and potentially steal their information to get them jobs.
According to Microsoft research, hundreds of companies have inadvertently hired these hackers. Only a few companies came forward and shared their experiences.
For example, KnowBe4 shared that they were tricked into hiring these scammers. When the company learned of the plan, it immediately blocked the hackers’ access to its systems.
Featured image by Bleeping Computer, chart by TradingView