FBI seizes websites that North Koreans allegedly used to impersonate American companies

North Korean leader Kim Jong Un meets with leading officials of the Workers’ Party of Korea in Pyongyang, North Korea, in this photo released by North Korea’s official Korean Central News Agency on September 10, 2024. KCNA/Reuters/File
CNN NEWS | Published November 22, 2024

The FBI has seized multiple websites that North Korean operatives used to impersonate legitimate US and Indian businesses in a likely effort to raise money for the nuclear armed-North Korean regime, according to statements on the websites and security researchers who investigated the activity.

All four websites identified by cybersecurity firm SentinelOne as North Korean fronts on Thursday had a statement in English and Korean saying they had been seized pursuant to a warrant issued by the US District Court of Massachusetts as part of a “coordinated law enforcement action” against the North Korean government. SentinelOne researchers traced the front companies to a larger set of organizations based in China.

Tracking down and thwarting these fake companies is an immense national security challenge that the Biden administration has tried to tackle and that the Trump administration will inherit. About half of North Korea’s missile program has been funded by cyberattacks and cryptocurrency theft, a White House official said last year.

The front companies closely mimicked the websites of multiple US software and consulting firms, and encouraged prospective clients to get in touch, according to SentinelOne’s analysis.

The FBI declined to comment.

The statement from the FBI and other US law enforcement agencies on the seized websites directs visitors to a 2022 warning from US officials that North Korea was using thousands of IT workers abroad to stealthily raise money for the regime.

READ FULL ARTICLE

SOURCE: www.cnn.com

RELATED: FBI Targets North Korean Cyber Fraud Scheme

THE PINNACLE GAZETTE | Published November 22, 2024

Websites impersonated legitimate businesses to generate funding for North Korea’s regime
The FBI has taken decisive action by seizing several websites allegedly operated by North Korean operatives, who were impersonated as legitimate U.S. and Indian businesses. This operation, revealed through investigations by cybersecurity experts, marks a significant step against North Korean efforts to generate revenue through deceptive online practices.

According to reports from cybersecurity firm SentinelOne, four specific websites were identified as significant fronts for North Korean financial schemes. Each of these domains displayed notices renouncing ownership, pointing to their seizure under the authority of the U.S. District Court of Massachusetts. Such coordinated law enforcement efforts aim to curtail funding sources for the nuclear-armed North Korean regime.

These counterfeit companies were found to have replicated the digital presence of actual American software and consulting firms. The phony online identities encouraged potential clients to engage, posing as credible entities within the industry. The nature of these front companies highlights the complex web of cyber deception North Korean actors have created, making it harder to trace their operations back to the rogue state.

Tracking and dismantling these fraudulent companies is not just about stopping impersonation; it’s also tied to national security concerns. Historical data shows approximately half of North Korea’s missile initiatives have been financed through cybercrime and cryptocurrency heists. This correlation raises alarms within the U.S. administration and casts light on the sprawling network of North Korean cyber operations.

While the FBI remained tight-lipped about details concerning the recent seizures, their actions tie back to previous warnings issued by U.S. authorities. North Korea has reportedly enlisted thousands of IT workers stationed abroad, using them to generate funds covertly for the regime’s ambitions, including illegal nuclear developments.

The 2022 State Department findings indicated North Korean operatives have attempted to infiltrate U.S. tech companies by disguising themselves as foreign nationals seeking employment. A notable incident involved an entrepreneur who, unknowingly, channeled tens of thousands of dollars to North Korean authorities.

READ FULL ARTICLE

SOURCE: www.evrimagaci.org

Be the first to comment

Leave a Reply