Threat Intelligence, Data Security

FBI: North Korean IT worker scheme involves source code theft, extortion


The FBI has warned public- and private-sector organizations across the U.S. that North Korean IT workers are exfiltrating source code from, and extorting, the entities they have remotely infiltrated, reports BleepingComputer.

"North Korean IT workers could attempt to harvest sensitive company credentials and session cookies to initiate work sessions from non-company devices and for further compromise opportunities," said the FBI in an advisory. To counter potential compromise, the advisory recommended deactivating local admin accounts and restricting remote desktop app permissions, as well as increasing network traffic monitoring and conducting more extensive network log reviews.

The FBI also urged organizations to vet their third-party staffing firms, inquire about applicants' location or educational background, examine resumes more closely, and strive for a mostly in-person onboarding process to avoid hiring North Korean IT workers.

The alert comes as a pair of North Koreans and three others have been indicted by the U.S. Justice Department over their involvement in a years-long fake remote IT worker scheme aimed at dozens of U.S. firms.
