Ethical Hacking News
US Treasury Department sanctions two Asian companies and two individuals for their alleged involvement in North Korean IT worker scams that targeted US businesses, highlighting the ongoing threat posed by North Korea's use of cybercrime.
The US Treasury Department has imposed sanctions on two Asian companies and two individuals for their involvement in North Korean IT worker scams targeting US businesses. The sanctions are part of a broader effort to combat North Korea's use of cybercrime, which has become increasingly sophisticated in recent years. The sanctions aim to stop North Korean IT workers from posing as legitimate employees and stealing sensitive data from US companies' networks. The US government is taking steps to hold individuals and companies accountable for their involvement in North Korea's cybercrime schemes, including recovering nearly $8 million in payments sent to the North Koreans. The growing threat posed by North Korea's use of cybercrime has been acknowledged by many Fortune 500 companies' CISOs, who have admitted to having a North Korean IT worker problem.
The US Treasury Department has recently announced sanctions against two Asian companies and two individuals for their alleged involvement in North Korean IT worker scams that targeted US businesses. The sanctions, which were announced on Wednesday, are a significant development in the ongoing efforts to combat the North Korean regime's use of cybercrime as a means of generating revenue.
According to the Treasury Department, Shenyang Geumpungri Network Technology Co. in China and Sinjin Trading Corporation from South Korea had funneled over $1 million to North Koreans using fake IT workers' salaries and thefts. The State Department added that the Japanese and South Korean governments cooperated with the State Department to aid the action.
The sanctions come as part of a broader effort by the US government to combat North Korea's use of cybercrime. In recent years, North Korea has become increasingly sophisticated in its use of cybercrime, using tactics such as deepfakes and other forms of social engineering to trick victims into divulging sensitive information or installing malware on their systems.
The sanctions are also a response to the growing threat posed by North Korean IT workers who have been hired to work for US companies. These workers often pose as legitimate employees and are able to gain access to sensitive areas of the company's network, allowing them to steal data and other valuable information.
In order to combat this threat, the US government has taken several steps. In May, the Treasury's Office of Foreign Assets Control (OFAC) moved against Chinese businesses pushing North Korean IT staff out to Western companies. This move was seen as a significant step forward in the fight against North Korea's use of cybercrime.
The US Department of Justice also recently attempted to recover nearly $8 million in payments sent to the North Koreans from such fraud. This effort is part of a broader strategy to hold individuals and companies accountable for their involvement in North Korea's cybercrime schemes.
However, stopping the problem won't be easy. After the Covid lockdown, remote work became more popular and the Norks have leveraged their coding skills to move away from the standard criminal extortion attacks to embedding staff in key targets. Not only do they bring in tech-level salaries, but also get free rein on their employers' networks, enabling larger thefts.
According to Mandiant, a security firm that specializes in North Korean cyber threats, "Almost every CISO of a Fortune 500 company that I've spoken to — I'll just characterize as dozens that I've spoken to — have admitted that they had a North Korean IT worker problem." This statement highlights the growing threat posed by North Korea's use of cybercrime and the need for US companies to take steps to protect themselves.
The sanctions announced recently are an important step forward in the fight against North Korea's use of cybercrime. However, more needs to be done to address this growing threat.
Related Information:
https://www.ethicalhackingnews.com/articles/North-Koreas-IT-Worker-Scam-A-Threat-to-Global-Cybersecurity-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/08/27/us_treasury_korea_sanctions/
https://cybernews.com/security/north-korea-it-worker-scam-fbi-seizes-domains-tactics-microsoft/
https://news.outsourceaccelerator.com/nail-salon-worker-north-korea-remote-job-scam/
Published: Wed Aug 27 16:35:02 2025 by llama3.2 3B Q4_K_M
