A network of Chinese companies is supporting North Korea's IT worker fraud operation

North Korean IT workers are setting up front companies across China as part of their global operation to trick Western companies into hiring them, according to a new report shared first with Axios.Why it matters: Nearly every Fortune 500 company has struggled with the problem of North Korea-based IT workers trying to get hired at their firms. But few talk about the problem publicly over fears of law enforcement retaliation and embarrassment. Driving the news: Strider Technologies, a cyber intelligence platform that works with eight of the Fortune 10 companies, released a report today saying it's identified 35 China-based companies linked to North Korean IT worker operations. Those 35 companies are strongly believed to be affiliated with Liaoning China Trade Industry Co., a U.S.-sanctioned company that has shipped IT equipment to a North Korean government agency. Zoom in: Strider specifically calls out three of those 35 organizations that could be helping Liaoning China Trade fund North Korea's operation:Dandong Deyun Trading Co., a registered textiles and electronics wholesaler and retailer;Guangzhou Aiyixi Trading Co., a cosmetics and clothing wholesaler that advertises itself online as a producer of commercial induction cookers and bathroom cabinets;Yongping Zhuoren Mining Co., a company registered as a wholesaler of mineral products and building materials.The big picture: For years, North Korean IT workers have been scamming U.S.-based companies into hiring them with the goal of using the higher salaries to help fund the country's missiles program.But a part of those operations have shifted to focus on gathering intelligence about the companies they're working at, including intellectual property and any other company secrets, Strider CEO Greg Levesque told Axios.The intrigue: Cybersecurity vendors have been stepping up their efforts to raise awareness about the problem over the last year. An FBI notice sent to companies earlier this year significantly raised awareness about the scope of the problem, Levesque said. Google said during a media roundtable on the sidelines of the RSA Conference last month that it had seen North Korean IT workers applying for jobs at their company. Cyber vendors SentinelOne and KnowBe4 have said they've accidentally hired these workers themselves. What they're saying: "Right now, what we're all realizing is that the scope and scale of that enterprise is far greater than people originally knew," Levesque said. Between the lines: Much of the remote hiring process is siloed, and HR professionals aren't necessarily equipped to spot a fraudulent application.New mitigation and detection tools that automatically spot applications that could have fake or misleading information will be the key to stopping this problem, Levesque said. What to watch: Strider is releasing a tool later this week that will help automatically detect falsified resumes, which North Korean IT workers are using in their job applications all the time. Go deeper: North Korean IT workers game U.S. companies' hiring practices

Comments

World news

Vladimir Putin snubs Zelensky in peace talks as Kremlin issues statement

Express

Comments

World news

Vladimir Putin snubs Zelensky in peace talks as Kremlin issues statement

Josh Hawley says ‘nobody believes’ Trump can be bought: ‘What does he need more money for’?

Starbucks baristas go on strike following new rule change

Salman Rushdie pulls out as commencement speaker at California college over protest threats

Moment Miami Uber driver pulls gun on passengers in the middle of their ride

Marco Rubio working on major changes to the National Security Council that would significantly scale it down

Another Ford recall of nearly 274,000 vehicles over brake issue

Gabbard fires top officials for alleged leaking after assessment on Venezuela contradicts Trump

‘He’s a hero’: Syrians praise Trump after removal of decades-old sanctions regime

A map to a $10,000 treasure in San Francisco was shared online - it sent the city into a tizzy

At 62, Tom Cruise is willing to die to get you to the movies

Carney's cabinet has more MPs from Brampton than Alberta and Saskatchewan combined

Man jailed for 222 ‘bogus returns’ at N.B. Staples after asking for house arrest to avoid deportation

CBC eliminates bonuses for executives and staff, but will boost salaries to compensate

Musk plans for billions of humanoid robots, personal R2-D2s and C-3POs

Dem Sen. Reed criticizes Trump plan to cut Pentagon personnel

DIA predicts China will have 4,000 hypersonic missiles by 2035

Ryanair blow as Spanish court issues £123 order over hand luggage charges

POLL: Should Russia be punished if Putin doesn’t meet Zelensky?

The 1 reason 'failing' Vladimir Putin is unlikely to meet Zelensky tomorrow

The celebrities mentioned during Diddy’s sex trafficking trial

Trump admin officials pen NYT op-ed describing welfare restrictions as an ‘opportunity’: ‘Work is transformative’

Donald Trump praises ‘young, attractive’ ex-terrorist Syrian leader Ahmed al-Sharaa

USAID looking for lawyers to target employees who spoke to media

Texas continues to restrict the care women receive - but hey, moms could soon use the carpool lane

Kristi Noem won’t say if Trump’s photo of Kilmar Abrego Garcia’s tattoos was ‘doctored’

Albania's prime minister thanks voters for landslide win and pledges EU membership by 2030

Only a fool would dismiss Kim Kardashian’s trauma – she’s built an empire on it

Rose West now: Everything we know about serial killer’s life in prison

Inside ‘degrading’ Georgian prison where British teen could spend the rest of her life

Nova Scotia electric utility says stolen customer data includes bank account numbers

Finance minister says no 2025 budget, while government focuses on fall update

Canada’s telecoms say roaming revenue is down as U.S. travel drops

Concerns raised as 2 Metro Vancouver transportation mega-projects face delays

Newcomers feeling Canadian during playoff hockey

Vancouver Canucks tap assistant coach Adam Foote as new bench boss

Should you move up plans to buy a home? Gauge the risks and rewards

Toronto mom charged with attempted murder after 4-year-old falls from condo balcony

B.C. premier set to provide update on trade diversification

Peel police investigate after man dies in daylight Mississauga shooting

U.S. overdose deaths fell 27% in 2024, a new 1-year record

Calgary high school put on lockdown after student attacked with a weapon

Modi Has Changed India’s Military Doctrine

Saudi Arabia brings in mobile McDonald's truck for fast-food loving Donald Trump

Putin mocks West and Ukraine by refusing to confirm if he's attending peace talks

Trump's meeting with Sharaa, unthinkable just months ago, boosts Syrians' hopes

US Lining Up More Countries to Take Its Deportees

Top moments from Axios' Future of Health summit

Merz vows to keep the U.S. on board on Ukraine and strengthen Germany's military and economy

Israeli airstrikes in Gaza kill 70 people, including 22 children, health officials say

Brazil's Lula says he will urge Putin 'go to Istanbul and negotiate' with Zelenskyy

A French mining company sues Niger after its director disappears and offices are raided

France's premier facing questions from an inquiry on a Catholic school abuse scandal

An explosion at a chemical plant near Spain's Seville leads to warnings for thousands

Thai officials seize over 200 tons of illegally imported electronic waste from the U.S.

What would lifting U.S. sanctions on Syria mean to the war-torn country?

Bombshell Noah’s Ark discovery could prove Bible story is true

Russian economy nightmare as Putin panics over inflation with stockmarket in freefall

Inside Putin and Zelensky's last meeting 6 years ago - and the ceasefire they discussed

Clerk in Alex Murdaugh double murder trial is arrested on misconduct and obstruction charges