Federal authorities announced the seizure of $1.5 million and 17 domain names as part of the investigation, which is ongoingThousands of information technology workers contracting with U.S. companies have for years secretly sent millions of dollars of their wages tothat IT workers dispatched and contracted by North Korea to work remotely with companies in St. Louis and elsewhere in the U.S. have been using false identities to get the jobs.
“We can tell you that there are thousands of North Korea IT workers that are part of this,” spokeswoman Rebecca Wu said. John Hultquist, the head of threat intelligence at the cybersecurity firm Mandiant, said North Korea’s use of IT freelancers to help fund the weapons program has been in play for more than a decade, but the effort got a boost from the COVID-19 pandemic.
Officials didn't name the companies that unknowingly hired North Korean workers, say when the practice began, or elaborate on how investigators became aware of it. But federal authorities have been aware of the scheme for some time. Greenberg said the workers used various techniques to make it look like they were working in the U.S., including paying Americans to use their home Wi-Fi connections.