Five individuals have admitted guilt in facilitating North Korean operatives’ access to US-based remote IT positions through sophisticated schemes, according to federal authorities. These actions violate US laws designed to prevent cyber espionage and financial crimes.

This case highlights a broader pattern of cyber operations backed by North Korea, particularly linked to the notorious hacking group APT38, also known as Lazarus. Over the past decade, this group has launched increasingly aggressive campaigns aimed at stealing millions of dollars in cryptocurrencies and revenue from legitimate jobs, funding North Korea’s military ambitions. Experts note that such operations often serve dual purposes: generating income and conducting espionage activities, including malware deployment immediately after job placement.

According to the Department of Justice, the five men pleaded guilty to wire fraud, with one also admitting to aggravated identity theft. These crimes are part of a larger effort by North Korean cyber actors to infiltrate US companies and steal sensitive data, as highlighted in recent security reports by cybersecurity firms. The case underscores the persistent threat of state-sponsored cybercrime and the importance of vigilance in remote hiring practices.

David Nield

Dave is a freelance tech journalist with over 20 years covering gadgets, apps, and the web. From Stockport, England, he covers news, features, and reviews for TechRadar, focusing on phones, tablets, and wearables. He ensures top weekend breaking news and has bylines at Gizmodo, T3, PopSci, and others. He edited PC Explorer and The Hardware Handbook for years. Read me on x.com or linkedin.