![]()
Fraudulent tech workers linked to North Korea are broadening their infiltration efforts into blockchain companies outside the US, following increased scrutiny by authorities. Some have already penetrated UK-based crypto projects, according to Google.
Jamie Collier, an adviser at Google’s Threat Intelligence Group (GTIG), stated in a report on April 2 that while the US remains a primary target, greater awareness and stricter right-to-work verification processes have pushed North Korean IT workers to seek roles with non-US firms.
“To adapt to the growing recognition of the threat within the US, they’ve developed a global network of fraudulent identities to improve operational flexibility,” Collier explained.
“The identification of facilitators in the UK suggests the quick development of an international network that supports their ongoing activities,” he added.
![]()
Source: Google
The role of “facilitators” in regions like Europe is also growing. These facilitators help with securing jobs, bypassing identity checks, and managing payments, contributing to the creation of a worldwide network that aids North Korean IT workers.
The risks posed by these activities are significant, including espionage, data theft, and the disruption of vital infrastructure. Organizations are advised to strengthen their security measures, especially in remote work settings and verification processes, to counter these emerging threats.