TZUTC: -0500
MSGID: 1216.consprcy@1:2320/105 2cca7861
PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0
TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
Microsoft warns North Korean hackers are expanding fake job schemes - as Feds
announce further crackdown

Date:
Tue, 01 Jul 2025 15:26:00 +0000

Description:
Fake jobs and fake employees are everywhere, and are costing US companies
dearly.

FULL STORY

North Korean hackers, scamming their way into US-based high-profile tech
companies, have lately been ramping up their efforts, security experts have
warned. 

In a recent analysis , Microsoft urged its peers to implement stricter
pre-employment vetting measures, and create policies to block unapproved IT
management tools. 

Further analysis from the US government found these people were working on
stealing money for the North Korean government, which then uses it to fund 
its government apparatus and its weapons program.

Arresting the suspects 

The US has imposed stiff sanctions on North Korea which, among other things,
prevent US companies from hiring North Korean nationals. 

As a result, the adversaries have been creating fake personas and using all
sorts of tools (including VPNs), to hide their true identities and location,
and thus increase their chances of getting hired. 

Lately, theyve increased their efforts and have started using voice-changing
software and AI-enhanced documents to boost their credibility. 

Theyve also managed to use a person living in New Jersey, who opened up shell
companies to trick victims into thinking they were paying a local business.
That same person allegedly also helped their overseas peers get hired. 

But the gig seems to be up, as the US Department of Justice (DoJ) arrested 
and accused a US national named Zhenxing Danny Wang of running a years-long
scheme. The effort netted more than $5 million. Another eight people were
indicted as well - two Taiwanese and six Chinese nationals. They are all now
accused of conspiring to commit wire fraud, money laundering, identity theft 
, hacking, and sanctions violations. 

Besides actually being paid for the work done (which ironically, according to
Microsoft, is often stellar), these people also get access to sensitive
company data. They sometimes abuse this access by stealing the data and then
extorting the company. 

One of the biggest and most destructive hacking collectives in the world is
the North Korean state-sponsored group Lazarus, which brought billions of
dollars to the government through similar schemes. In fact, the entire
operation even has a name - Operation DreamJob. 

 Via TechCrunch

======================================================================
Link to news story:
https://www.techradar.com/pro/security/microsoft-warns-north-korean-hackers-ar
e-expanding-fake-job-schemes-as-feds-announce-crackdown

$$
--- SBBSecho 3.20-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 664
SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426