INSUBCONTINENT EXCLUSIVE:
Fake social media profiles are useful for more than just sowing political discord among foreign adversaries, as it turns out
A group linked to the North Korean government has been able to duck existing sanctions on the country by concealing its true identity and
developing software for clients abroad.
This week, the US Treasury issued sanctions against two tech companies accused of running
cash-generating front operations for North Korea: Yanbian Silverstar Network Technology or &China Silver Star,& based near Shenyang, China,
and a Russian sister company called Volasys Silver Star
The Treasury also sanctioned China Silver Star North Korean CEO Jong Song Hwa.
These actions are intended to stop the flow of illicit
revenue to North Korea from overseas information technology workers disguising their true identities and hiding behind front companies,
aliases, and third-party nationals,& Treasury Secretary Steven Mnuchin said of the sanctions.
As the Wall Street Journal reported in a
follow-up story, North Korean operatives advertised with Facebook and LinkedIn profiles, solicited business with Freelance.com and Upwork,
crafted software using Github, communicated over Slack and accepted compensation with Paypal
The country appears to be encountering little resistance putting tech platforms built by US companies to work building software including
&mobile games, apps, [and] bots& for unwitting clients abroad.
US Treasury sanctions North Korea over Sony hack and WannaCry attack
The US
Treasury issued its first warnings of secret North Korean software development scheme in July, though did not provide many details at the
The Wall Street Journal was able to identify ''tens of thousands& of dollars stemming from the Chinese front company, though that only a
The company worked as a middleman, contracting its work out to software developers around the globe and then denying payment for their
services.
Facebook suspended many suspicious accounts linked to the scheme after they were identified by the Wall Street Journal, including
one for &Everyday-Dude.com&:
A Facebook page for Everyday-Dude.com, showing packages with hundreds of programs, was taken down minutes later
as a reporter was viewing it
Pages of some of the account more than 1,000 Facebook friends also subsequently disappeared…
[Facebook] suspended numerous North
Korea-linked accounts identified by the Journal, including one that Facebook said appeared not to belong to a real person
After it closed that account, another profile, with identical friends and photos, soon popped up.
Linkedin and Upwork similarly removed
accounts linked to the North Korean operations.
Beyond the consequences for international relations, software surreptitiously sold by the
North Korean government poses considerable security risks
According to the Treasury, the North Korean government makes money off of a &range of IT services and products abroad& including &website
and app development, security software, and biometric identification software that have military and law enforcement applications.& For
companies unwittingly buying North Korea-made software, the potential for malware that could give the isolated nation eyes and ears beyond
its borders is high,particularly given that the country has already demonstrated its offensive cyber capabilities.
Between that and
sanctions against doing business with the country, Mnuchin urges the information technology industry and other businesses to exercise
awareness of the ongoing scheme to avoid accidentally contracting with North Korea on tech-related projects.
