Seriously Risky Business Newsletter
April 03, 2025
Bonjour, Fellow IT Workers
Presented by

Policy & Intelligence
Fraudulent North Korean IT workers are pivoting into new regions as it becomes more difficult for them to get jobs in the United States. The bad news is they are also employing new tactics that make them more dangerous.
For several years North Korea has used IT workers to raise revenue for the regime in addition to its cryptocurrency hacking efforts. These workers use fake identities and seek legitimate remote jobs across a range of industries. They are paid wages, but also leverage their privileged access to enable cyber intrusions.
In a report released this week Google's Threat Intelligence Group said North Korean IT workers were widening their global operations, with a "notable focus" on Europe. This report, and similar research from insider risk management firm DTEX, were covered by Catalin Cimpanu in our sister publication Risky Bulletin. Catalin's write-up covers the history of the IT worker scam, who has been affected and resources to help identify potential North Korean workers.