Safety notice
The Office for the Protection of the Constitution warns against IT specialists from North Korea

North Korean IT workers are suspected of spying on companies in the West (symbolic image). photo
© Uli Deck/dpa
When looking for freelance IT specialists, companies also find what they are looking for on freelance platforms. The Federal Office for the Protection of the Constitution is now calling on businesses to take a closer look.
The Federal Office for the Protection of the Constitution is warning German companies about North Korean IT workers who offer their services via platforms for freelancers. By The agency’s security advisory said these workers were concealing their true origins and using stolen identities to obtain contracts. Anyone who hires such disguised IT specialists exposes themselves to considerable risks. These included reputational risks, the risk of sanctions violations and the risk of intellectual property and internal company data being stolen.
A year ago, the US specialist portal “The Daily Beast” revealed that IT specialists from North Korea were active on freelance platforms with fake activities and offered their services there at supposedly favorable conditions.
At that time, the US Federal Police FBI uncovered fraudulent activity on online job boards for freelancers that were used to circumvent US sanctions and earn money for North Korean government entities involved in ballistic missile research and development. North Korean agents concealed their true identities in order to obtain IT jobs in Western countries.
Fake identities
The current security warning from the Office for the Protection of the Constitution states: “Companies that commission North Korean IT workers help the regime obtain foreign currency and thus indirectly contribute to financing its nuclear weapons and missile program.” To conceal their true origins, North Korean cybercriminals used fake or stolen identities and documents, including fake social media profiles, often posing as freelancers from South Korea, Japan or Eastern European countries.
It is typical for cybercriminals to be paid in cryptocurrencies such as Bitcoin or via platforms such as PayPal. The Office for the Protection of the Constitution called on HR managers in German companies to conduct job interviews in person or via video call. This makes it possible to check the applicant’s identity and determine whether there are any discrepancies. “In the video call, pay attention to eye movements or long pauses in speech, which indicate that the answers are being read,” writes the Federal Office. Free orders should also not be paid exclusively in cryptocurrencies.
Safety alert for the economy Report “The Daily Beast”