North Koreans suspected of using fake resumes to steal crypto


Suspected North Korean thieves are plagiarising resumes and pretending to be from other countries as part of a wider effort to raise money for the government in Pyongyang.

The fraudsters are plundering job listings on LinkedIn and Indeed, incorporating details they find on legitimate profiles into their own resumes in order to try getting hired at US cryptocurrency firms.

One suspected North Korean job seeker recently claimed to be an “innovative and strategic thinking professional” in the tech industry, and added, “The world will see the great result from my hands.”

The job applicant’s account, identified on July 14, claimed to be from an experienced software developer. But researchers found nearly identical language in another person’s profile.

By collecting information from crypto companies, the researchers said, North Koreans can gather intelligence about upcoming cryptocurrency trends.

The North Korean government has consistently denied involvement in any cyber-enabled theft.

Other suspected North Koreans have fabricated job qualifications, with some users claiming on job applications to have published a white paper about the Bibox digital currency exchange, while another posed as a senior software developer at a consultancy focused on blockchain technology.

In addition, North Korean users, claiming to have programming skills, have posed questions on the coding site GitHub Inc, where software developers publicly discuss their findings, about larger trends in the cryptocurrency world.

The US warned in May that North Korean IT workers are trying to obtain freelance employment abroad while posing as non-North Korean nationals, in part to raise money for government weapons development programmes.

The IT workers claim to have the kinds of skills necessary for complex work like mobile app development, building virtual currency exchanges and mobile gaming, according to the US advisory.

North Korean IT workers “target freelance contracts from employers located in wealthier nations,” according to the US’s 16-page advisory released in May.

In many instances, the North Korean workers present themselves as South Korean, Chinese, Japanese or Eastern European and US-based teleworkers, according to the US advisory.

North Korea’s focus on stealing cryptocurrency comes after the country’s hackers spent years stealing money from the global financial system.

After a notorious 2016 heist on Bangladesh Bank, where the US accused North Korean thieves of trying to steal close to US$1 billion (S$1.38 billion), global banks added safeguards meant to stop such breaches.



You might also like