CyberSecurity news
FlagThis
@www.silentpush.com
//
North Korean operatives have infiltrated hundreds of Fortune 500 companies, posing a significant threat to IT infrastructure and sensitive data. Security experts revealed at the RSAC 2025 Conference that the infiltration extends across virtually every major corporation, with many Fortune 500 companies unknowingly employing North Korean technical workers. This alarming trend raises serious concerns about potential security breaches and data theft. The experts said that dozens of experts and law enforcement at RSA said the campaign is now out of control, impacting thousands of companies.
Even tech giant Google has detected North Korean technical workers in their talent pipeline as job candidates and applicants, although they have not been hired to date. "If you're not seeing this, it's because you're not detecting it, not because it's not happening to you," warned Iain Mulholland, senior director of security engineering at Google Cloud, emphasizing the universality of the threat. Insider risk management firm DTEX corroborated these findings, reporting that 7% of its customer base-representing a cross-section of the Fortune 2000-has been infiltrated by North Korean operatives working as full-time employees with privileged access.
The North Korean IT worker scam has expanded beyond the tech and crypto industries and is now a threat to all companies. One cybersecurity expert even found evidence that a U.S. political campaign in Oregon hired a North Korean IT worker to build its website. Initially, the workers primarily focused on legitimate employment to generate funds for the regime in Pyongyang, but experts are now seeing a tactical shift toward extortion, which has been observed.
ImgSrc: www.silentpush.
References :
Even tech giant Google has detected North Korean technical workers in their talent pipeline as job candidates and applicants, although they have not been hired to date. "If you're not seeing this, it's because you're not detecting it, not because it's not happening to you," warned Iain Mulholland, senior director of security engineering at Google Cloud, emphasizing the universality of the threat. Insider risk management firm DTEX corroborated these findings, reporting that 7% of its customer base-representing a cross-section of the Fortune 2000-has been infiltrated by North Korean operatives working as full-time employees with privileged access.
The North Korean IT worker scam has expanded beyond the tech and crypto industries and is now a threat to all companies. One cybersecurity expert even found evidence that a U.S. political campaign in Oregon hired a North Korean IT worker to build its website. Initially, the workers primarily focused on legitimate employment to generate funds for the regime in Pyongyang, but experts are now seeing a tactical shift toward extortion, which has been observed.
ImgSrc: www.silentpush.
Share:
References :
- gbhackers.com: North Korean APT Hackers Pose as Companies to Spread Malware to Job Seekers
- iHLS: North Korean Hackers Set Up Fake U.S. Businesses to Target Cryptocurrency Developers
- www.cysecurity.news: Threat analysts at Silent Push, a U.S. cybersecurity firm, told Reuters that North Korean cyber spies established two companies in the U.S., Blocknovas LLC and Softglide LLC, using fictitious personas and addresses to infect developers in the cryptocurrency industry with malicious software, in violation of Treasury sanctions.
Classification:
- HashTags: #NorthKorea #CyberEspionage #LazarusGroup
- Company: Silent Push
- Target: Cryptocurrency Developers
- Attacker: North Korean APT
- Feature: Fake Companies
- Type: Espionage
- Severity: Major