Selling your identity to North Korean IT scammers isn't a sustainable side hustle
Four US citizens tried it, and the DoJ just secured guilty pleas from all of 'em
Security17 Nov 2025 | 13
North Korea
North Korean spies turn Google's Find Hub into remote-wipe weapon
KONNI espionage crew covertly abused Google’s Find My Device feature to remotely factory-reset Android phones
Cyber-crime11 Nov 2025 | 8
Norks droning on about your dream job while pwning your PC
Social engineering? Check. Trojanized open source? Check. Lazarus’ pet RAT? Also check
Cybersecurity Month23 Oct 2025 | 5
Nork scammers work the blockchain to steal crypto from job hunters
If someone sends you a coding test, be wary of downloading it
Cybersecurity Month16 Oct 2025 | 3
Fake North Korean IT workers sneaking into healthcare, finance, and AI
It's not just big tech anymore
Security30 Sep 2025 | 8
North Korea's Lazarus Group shares its malware with IT work scammers
Keeping Pyongyang's coffers full
Cyber-crime25 Sep 2025 |
BROADER TOPICS
Nork snoops whip up fake South Korean military ID with help from ChatGPT
Kimsuky gang proves that with the right wording, you can turn generative AI into a counterfeit factory
AI + ML15 Sep 2025 | 9
Sting nails two front firms in Nork IT worker scam
There's also a rogue Russian on the list
Cyber-crime27 Aug 2025 | 11
US scrambles to recoup $1M+ nicked by NORKs
The alleged perpetrators remain at large
Cyber-crime11 Aug 2025 | 3
Lazarus Group rises again, this time with malware-laden fake FOSS
Infosec In Brief PLUS: Slow MFA rollout costs Canucks $5m; Lawmakers ponder Stingray ban; MSFT tightens Teams; And more!
Security04 Aug 2025 | 3
Laptop farmer behind $17M North Korean IT worker scam locked up for 8.5 years
Plus she has to cough up a slice of Pyongyang’s payday
Cyber-crime24 Jul 2025 | 12
You have a fake North Korean IT worker problem – here's how to stop it
Thick resumes with thin LinkedIn connections are one sign. Refusing an in-person interview is another
Cyber-crime13 Jul 2025 | 120
US sanctions alleged North Korean IT sweatshop leader
Turns out outsourcing coders to bankroll Kim’s nukes doesn’t jibe with Uncle Sam
Cyber-crime09 Jul 2025 | 4
US shuts down a string of North Korean IT worker scams
Resulting in two indictments, one arrest, and 137 laptops seized
Cyber-crime30 Jun 2025 | 1
Uncle Sam moves to seize $7.7M laundered by North Korean IT worker ring
The cash has been frozen for more than two years
Security06 Jun 2025 | 3
Maryland man pleads guilty to outsourcing US govt work to North Korean dev in China
Feds say $970K scheme defrauded 13+ companies
Cyber-crime30 Apr 2025 | 10
The one interview question that will protect you from North Korean fake workers
RSAC FBI and others list how to spot NK infiltrators, but AI will make it harder
Spotlight on RSAC29 Apr 2025 | 96
North Korea’s fake tech workers now targeting European employers
With help from UK operatives, because it’s getting tougher to run the scam in the USA
Cyber-crime02 Apr 2025 | 16
FCC stands up Council on National Security to fight China in ways that CISA used to
Infosec In Brief PLUS: Alleged Garantex admin arrested in India; Google deletes more North Korean malware
Security16 Mar 2025 | 6
North Korea targets crypto developers via NPM supply chain attack
Yet another cash grab from Kim's cronies and an intel update from Microsoft
Research13 Feb 2025 | 8
Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un
300+ US companies, 70+ individuals hit by the fraudsters
Cyber-crime12 Feb 2025 | 26
North Koreans clone open source projects to plant backdoors, steal credentials
Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better?
Devops29 Jan 2025 | 2
DARPA asking for ideas on automating money laundering detection
With all the AI hype swirling around, you'd think someone would've cracked this one already
Software28 Jan 2025 | 22
North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper
5 indicted as FBI warns North Korea dials up aggression, plus Russian devs allegedly get in on the act
Cyber-crime24 Jan 2025 | 2
Datacus extractus: Harry Potter publisher breached without resorting to magic
Infosec in brief PLUS: Allstate sued for allegedly tracking drivers; Dutch DDoS; More fake jobs from Pyongyang; and more
Security20 Jan 2025 | 7
When food delivery apps reached Indonesia, everyone put on weight
Asia In Brief PLUS: Salt Typhoon and IT worker scammers sanctioned; Alibaba Cloud’s K8s go global; Amazon acquires Indian BNPL company
Software20 Jan 2025 | 5
Crypto klepto North Korea stole $659M over just 5 heists last year
US, Japan, South Korea vow to intensify counter efforts
Cyber-crime15 Jan 2025 | 13
UK ICO not happy with Google's plans to allow device fingerprinting
Infosec in brief Also, Ascension notifies 5.6M victims, Krispy Kreme bandits come forward, LockBit 4.0 released, and more
Security23 Dec 2024 | 75
North Korea's fake IT worker scam hauled in at least $88M over six years
DoJ thinks it's found the folks that ran it, and some of the 'IT warriors' sent out to fleece employers
Cyber-crime13 Dec 2024 | 2
Continuity of CHIPS and Science Act questioned in a Trump presidency
Asia In Brief Plus: A premium minimum wage for Malaysian datacenter workers; N Koreans maybe discover spicy content; S Korea fines Meta for data misuse, and more
Systems11 Nov 2024 | 34
Officials warn of Russia's tech-for-troops deal with North Korea amid Ukraine conflict
10,000 of Kim Jong Un's soldiers believed to be headed for front line
Security07 Nov 2024 | 45
Biz hired, and fired, a fake North Korean IT worker – then the ransom demands began
'My webcam isn't working today' is the new 'The dog ate my network'
Security18 Oct 2024 | 41
How to spot a North Korean agent before they get comfy inside payroll
Mandiant publishes cheat sheet for weeding out fraudulent IT staff
Cyber-crime24 Sep 2024 | 19
North Korean scammers plan wave of stealth attacks on crypto companies, FBI warns
Feds warn of 'highly tailored, difficult-to-detect social engineering campaigns'
Cyber-crime05 Sep 2024 | 8
US 'laptop farm' man accused of outsourcing his IT jobs to North Korea to fund weapons programs
American and Brit firms thought they were employing a Westerner, but not so, it's alleged
CSO08 Aug 2024 | 19
Secure Boot useless on hundreds of PCs from major vendors after key leak
Infosec in brief Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don't use MFA, and more
Security29 Jul 2024 | 36
North Korean chap charged for attacks on US hospitals, military, NASA – and even China
Microsoft, Mandiant, weigh in with info about methods used by Andariel gang alleged to have made many, many, heists
Security26 Jul 2024 | 4
Security biz KnowBe4 hired fake North Korean techie, who got straight to work ... on evil
If it can happen to folks that run social engineering defence training, what hope for the rest of us?
Security24 Jul 2024 | 35
North Korea likely behind takedown of Indian crypto exchange WazirX
Firm halts trades after seeing $230 million disappear
Security19 Jul 2024 | 20
South Korea orders 'Star Wars' lasers to blast Northern drones out of the sky
Ancient weapons are no match for a good blaster at your side
Offbeat12 Jul 2024 | 44
Baddies hijack Korean ERP vendor's update systems to spew malware
Notorious 'Andariel' crew takes a bite of HotCroissant backdoor for fresh attack
Malware Month02 Jul 2024 |
New Nork-ish cyberespionage outfit uncovered after three years
Sector-agnostic group is after your data, wherever you are
Cyber-crime31 May 2024 |
North Korea building cash reserves using ransomware, video games
Microsoft says Kim’s hermit nation is pivoting to latest tools as it evolves in cyberspace
Cyber-crime29 May 2024 | 2
Three cuffed for 'helping North Koreans' secure remote IT jobs in America
Your local nail tech could be a secret agent for Kim’s cunning plan
Security17 May 2024 | 22
Russia, Iran pose most aggressive threat to 2024 elections, say infoseccers
Google security crew reveal ‘the four Ds’ to be on the watch for
Cyber-crime25 Apr 2024 | 9
Misconfigured cloud server leaked clues of North Korean animation scam
Outsourcers outsourced work for the BBC, Amazon, and HBO Max to the hermit kingdom
Cyber-crime23 Apr 2024 | 17
Execs in Japan busted for winning dev bids then outsourcing to North Koreans
Government issues stern warning over despot money-making scheme
Cyber-crime28 Mar 2024 | 12
That Asian meal you eat on holidays could launder money for North Korea
United Nations finds IT contract and crypto scams are just two of DPRK's illicit menu items
Security25 Mar 2024 | 17
It's 2024 and North Korea's Kimsuky gang is exploiting Windows Help files
New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia
Research21 Mar 2024 | 5
Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability
Infosec in brief PLUS: NSA shares cloud security tips; Infosec training for Jordanian women; Critical vulnerabilities
Security11 Mar 2024 | 10
North Korea running malware-laden gambling websites as-a-service
$5k a month for the site. $3k for tech support. Infection with malware and funding a despot? Priceless
Cyber-crime15 Feb 2024 | 3
Think tank warns North Korea uses AI for battle planning, maybe using cloudy resources
Calls for clouds, and scientists, to take care they're not aiding Pyongyang
AI + ML24 Jan 2024 | 8
Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users
Updated National security and infosec authorities band together to help victims sniff out stealthy Russian baddies hiding in networks
Cyber-crime14 Dec 2023 | 1
Think tank report labels NSO, Lazarus as 'cyber mercenaries'
Sure, they do crimes. But the plausible deniability governments adore means they deserve a different label
Cyber-crime13 Dec 2023 | 11
Memory-safe languages so hot right now, agrees Lazarus Group as it slings DLang malware
Latest offensive cyber group to switch to atypical programming for payloads
Research11 Dec 2023 | 10
Korean peninsula space race sees South and North launch tit for tat spy sats
North claims it took photos of stuff. South points to success of homegrown booster
Offbeat05 Dec 2023 | 8
North Korea makes finding a gig even harder by attacking candidates and employers
That GitHub repo an interviewer wants you to work on could be malware
Cyber-crime23 Nov 2023 | 6
North Korea readies third attempt at 'spy satellite' launch
What a coincidence! The South is just about to lauch one, too. And it probably won't be junk like the hermit kingdom's recent efforts
Science21 Nov 2023 | 3
Fresh find shines new light on North Korea’s latest macOS malware
Months of work reveals how this tricky malware family targets... the financial services sector
Research07 Nov 2023 | 4
After six days and thousands of pwned users, Cisco poised to patch IOS XE flaw
Security in brief ALSO: SolarWinds using plaintext passwords; North Korea attacks TeamCity; Critical vulns, and more
Security22 Oct 2023 | 3
‘How not to hire a North Korean plant posing as a techie’ guide updated by US and South Korean authorities
Advise turning off and never using remote desktop protocol, prohibiting private VPNs, not trusting recruiters’ due diligence
Cybersecurity Month19 Oct 2023 | 51
South Korea accuses North of Phish and Ships attack
Kim Jong-un looks at industry's progress with green eyes, says South Korea's spy agency
Cyber-crime05 Oct 2023 |
Biting the hand that feeds IT
