North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs
"These IT workers funneled income from their fraudulent IT work back to the DPRK through the use of online payment services and Chinese bank accounts," the U.S. Department of Justice (DoJ) noted at the time.
SentinelOne, which analyzed four new DPRK IT Worker front companies, said they were all registered through NameCheap and claimed to be development outsourcing, consulting, and software businesses, while copying their content from legitimate companies:
- Independent Lab LLC (inditechlab[.]com), which copied its website format from a U.S.-based company called Kitrum
- Shenyang Tonywang Technology LTD (tonywangtech[.]com), which copied its website format from a U.S.-based company called Urolime
- Tony WKJ LLC (wkjllc[.]com), which copied its website format from an India-based company called ArohaTech IT Services
- HopanaTech (hopanatech[.]com), which copied its website format from a U.S.-based company called ITechArt
While all the aforementioned sites have since been seized by the U.S. government as of October 10, 2024, SentinelOne said it traced them back to a broader, active network of front companies originating from China.
Furthermore, it identified another company named Shenyang Huguo Technology Ltd (huguotechltd[.]com) exhibiting similar characteristics, including using copied content and logos from another Indian software firm, TatvaSoft. The domain was registered via NameCheap in October 2023.
"These tactics highlight a deliberate and evolving strategy that leverages the global digital economy to fund state activities, including weapons development," the researchers said.
https://thehackernews.com/2024/11/north-korean-front-companies.html
More on the DOJ's crackdown:
https://thehackernews.com/2023/10/us-doj-cracks-down-on-north-korean-it_20.html
Latest from the DOJ on the Korean hacker front:
https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-action-disrupt-illicit-revenue-generation
Keep an eye on The Hacker News, which will likely report Russian cyberinsurgency in the coming Trump years, while Trump likely has the DOJ drop these cases, and tries to hobble and defund CISA, while he allows Putin and his GRU as much access as they want to American intelligence.