DPRK IT Workers | A Network of Active Front Companies and Their Links to China (www.sentinelone.com)
from Joker@sh.itjust.works to cybersecurity@infosec.pub on 21 Nov 11:19
https://sh.itjust.works/post/28414120

Executive Summary

  • SentinelLabs has identified unique characteristics of multiple websites, now seized by the US Government, associated with the DPRK IT Worker front companies.
  • We assess with high confidence that DPRK actors seek to impersonate US-based software and technology consulting businesses by copying the online brands of legitimate organizations, seeking to use these for financial objectives.
  • SentinelLabs has linked the activity to several active front companies and links these with high confidence to a larger set of organizations being created in China. Our findings link additional companies, which remain active today, to the DPRK IT Workers scheme.

#cybersecurity
