FlagThis

North Korean IT workers, including one who renamed himself ‘Bane’, are accused of engaging in fraudulent schemes. They infiltrated various companies and stole confidential source codes and demanding ransom to prevent release of the stolen data. This highlights a continued trend of North Korea using cyber operations to generate revenue while evading international sanctions. Organizations should be aware of this threat and take necessary precautions.

North Korean IT workers are increasingly using their access to company systems to steal source code and extort companies for ransom. These workers, often hired under false pretenses, are becoming more aggressive and are actively funneling funds back to the North Korean regime. The FBI and Mandiant have issued fresh warnings regarding this evolving threat, urging organizations to be vigilant. These North Korean IT workers are exploiting their remote access to extract sensitive data from companies and demand payment to prevent its release. Additionally, the US Department of Justice has charged several individuals involved in this scheme for conspiracy and money laundering. This highlights the severity and breadth of North Korean cybercrime activities.