Report: North Korean IT worker scheme backed by China

North Korea has been covertly expanding its fake IT worker scheme that facilitates ransomware intrusions, cryptocurrency compromise, and malicious software distribution with the help of Chinese front companies, Cybersecurity Dive reports.

Aside from a U.S.-sanctioned Chinese firm delivering computers and network equipment to North Korean IT workers, there were 35 other entities associated with the said organization that could have been providing support to North Korea, according to an analysis from Strider Technologies, a strategic intelligence firm. "This network presents a significant risk to Western businesses, which may unknowingly engage with or rely on entities connected to North Korean operations, exposing them to potential sanctions violations and serious reputational harm," said the report. Such findings come after a Flashpoint report detailing the multi-stage nature of North Korea's IT worker fraud, which involved bogus job references, laptop shipping locations, and instructions to foreigners who have been lured into the scheme.