Leak Reveals the Workaday Lives of North Korean IT Scammers
Job hunting is a fresh kind of hell. Hours are wasted sifting through open roles, tweaking cover letters, dealing with obtuse recruiters—and that’s all before you get started with potential interviews. Arguably, some of the world’s most prolific job applicants—or at least most persistent—are those of North Korea’s sprawling IT worker schemes. For years, Kim Jong Un’s repressive regime has successfully sent skilled coders abroad where they’re tasked with finding remote work and sending money back to the heavily sanctioned and isolated nation. Each year, thousands of IT workers bring in somewhere between $250 million and $600 million, according to United Nations estimates.
Now an apparent huge new trove of data, obtained by a cybersecurity researcher, sheds new light on how one group of alleged North Korean IT workers has been running its operations and the meticulous planning involved in the money-making schemes. Money made by scam IT workers contributes to North Korea’s weapons of mass destruction development efforts and ballistic missile programs, the US government has said. Emails, spreadsheets, documents, and chat messages from Google, Github, and Slack accounts allegedly linked to the alleged North Korean scammers show how they track potential jobs, log their ongoing applications, and record earnings with a painstaking attention to detail.
The cache of data, which represents a glimpse into the workaday life of some of North Korea’s IT workers, also purportedly includes fake IDs that may be used for job applications, as well as example cover letters, details of laptop farms, and manuals used to create online accounts. It reinforces how reliant upon US-based tech services, such as Google, Slack, and GitHub, the DPRK workers are.
