The man on the other end, an FBI agent, told Devin that the seemingly legitimate software developer he'd hired the previous summer was a North Korean operative who'd sent tens of thousands of dollars of his salary to the country's authoritarian regime.
Stunned, Devin hung up and immediately cut the employee off from company accounts, he said.
"He was a good contributor," Devin lamented, puzzled by the man who had claimed to be Chinese and passed multiple rounds of interviews to get hired. (CNN is using a pseudonym for Devin to protect the identity of his company).
North Korean government-backed hackers have stolen the equivalent of billions of dollars in recent years by raiding cryptocurrency exchanges, according to the United Nations. In some cases, they've been able to nab hundreds of millions of dollars in a single heist, the FBI and private investigators say.
Now, US federal investigators are publicly warning about a key pillar of the North Korean strategy, in which the regime places operatives in tech jobs throughout the information technology industry.
The FBI, Treasury and State departments issued a rare public advisory in May about thousands of "highly skilled" IT personnel who provide Pyongyang with "a critical stream of revenue" that helps bankroll the regime's "highest economic and security priorities."
It's an elaborate money-making scheme that relies on front companies, contractors and deception to prey on a volatile industry that is always on the hunt for top talent. North Korean tech workers can earn more than $300,000 annually -- hundreds of times the average income of a North Korean citizen -- and up to 90% of their wages go to the regime, according to the US advisory.
"(The North Koreans) take this very seriously," said Soo Kim, a former North Korea analyst at the CIA. "It's not just some rando in his basement trying to mine cryptocurrency," she added, referring to the process of generating digital money. "It's a way of life."
The value of cryptocurrency has plummeted in recent months, depleting the North Korean loot by many millions of dollars. According to Chainalysis, a firm that tracks digital currency, the value of North Korean holdings sitting in cryptocurrency "wallets," or accounts, that have not been cashed out has dropped by more than half since the end of last year, from $170 million to about $65 million.
But analysts say the cryptocurrency industry is too valuable a target for North Korean operatives to turn away from because of the industry's relatively weak cyber defenses and the role that cryptocurrency can play in evading sanctions.
US officials have in recent months held a series of private briefings with foreign governments such as Japan, and with tech firms in the US and abroad, to sound the alarm about the threat of North Korean IT personnel, a Treasury Department official who specializes in North Korea told CNN.
The list of companies targeted by North Koreans covers just about every aspect of the freelance technology sector, including payment processors and recruiting firms, the official said.
Pyongyang has banked on its overseas tech workers for revenue for years. But the coronavirus pandemic -- and the occasional lockdown it has caused in North Korea -- has, if anything, made the tech diaspora a more crucial funding source for the regime, the Treasury official told CNN.
"Treasury will continue to target the DPRK's revenue generating efforts, including its illicit IT worker program and related malign cyber activities," Brian Nelson, Treasury undersecretary for terrorism and financial intelligence, said in a statement to CNN, using the acronym for North Korea.
"Companies that engage with or process transactions for [North Korean tech] workers risk exposure to US and UN sanctions," added Nelson, who last month met with South Korean government officials to discuss ways of countering the North's money-laundering and cybercrime activity.
CNN has emailed and called the North Korean Embassy in London seeking comment.
Federal investigators are also on the lookout for Americans who may be inclined to lend their expertise in digital currencies to North Korea.
In April, a 39-year-old American computer programmer named Virgil Griffith was sentenced to more than five years in US prison for violating US sanctions on North Korea after speaking at a blockchain conference there in 2019 on how to evade sanctions. Griffith pleaded guilty and, in a statement submitted to the judge before sentencing, expressed "deep regret" and "shame" for his actions, which he attributed to an obsession to see North Korea "before it fell."
But the long-term challenge facing US officials is much subtler than conspicuous blockchain conferences in Pyongyang. It involves trying to curtail the diffuse sources of funding that the North Korean government gets from its tech diaspora.
Double-edged sword
The North Korean government has long benefited from outsiders underestimating the regime's ability to fend for itself, thrive in the black market and exploit the information technology that underpins the global economy.
The regime has built a formidable cadre of hackers by singling out promising math and science students in school, putting North Korea in the same conversation as Iran, China and Russia when US intelligence officials discuss cyber powers.
One of the most infamous North Korean hacks occurred in 2014 with the crippling of Sony Pictures Entertainment's computer systems in retaliation for "The Interview," a movie involving a fictional plot to kill Kim Jong Un. Two years later, North Korean hackers stole some $81 million from the Bank of Bangladesh by exploiting the SWIFT system for transferring bank funds.
North Korea's hacking teams have in the years since trained their sights on the boom-and-bust cryptocurrency market.
The returns have been astronomical at times.
Pyongyang-linked hackers in March stole what was then the equivalent of $600 million in cryptocurrency from a Vietnam-based video gaming company, according to the FBI. And North Korean hackers were likely behind a $100 million heist at a California-based cryptocurrency firm, according to blockchain analysis firm Elliptic.
"Most of these crypto firms and services are still a long way off from the security posture that we see with traditional banks and other financial institutions," said Fred Plan, principal analyst at cybersecurity firm Mandiant, which investigated suspected North Korean tech workers and shared some of its findings with CNN.
The thousands of North Korean tech workers overseas give Pyongyang a double-edged sword: They can earn salaries that skirt UN and US sanctions and go straight to the regime while also occasionally offering North Korea-based hackers a foothold into cryptocurrency or other tech firms. The IT workers sometimes provide "logistical" support to the hackers and transfer cryptocurrency, the recent US government advisory said.
"The community of skilled programmers in North Korea with permission to contact Westerners is surely quite small," Nick Carlsen, who until last year was an FBI intelligence analyst focused on North Korea, told CNN.
"These guys know each other. Even if a particular IT worker isn't a hacker, he absolutely knows one," said Carlsen, who now works at TRM Labs, a firm that investigates financial fraud. "Any vulnerability they might identify in a client's systems would be at grave risk."
And both tech workers and hackers from North Korea have used the relatively open-door nature of the job search process -- in which anyone can pretend to be anyone on platforms such as LinkedIn -- to their advantage. In late 2019, for example, possible North Korean hackers posed as job recruiters on LinkedIn to target sensitive data held by employees at two European aerospace and defense firms, according to researchers at cybersecurity firm ESET.
"We actively seek out signs of state-sponsored activity on the platform and quickly take action against bad actors in order to protect our members," LinkedIn said in a statement to CNN. "We don't wait on requests, our threat intelligence team removes fake accounts using information we uncover and intelligence from a variety of sources, including government agencies."
Learning to spot red flags
Some in the cryptocurrency industry are getting more cautious as they look to hire new talent. In Jonathan Wu's case, a video call with a job candidate in April may have kept him from unwittingly hiring someone he came to suspect was a North Korean tech worker.
As head of growth marketing at Aztec, a company that offers privacy features for Ethereum, a popular type of cryptocurrency technology, Wu was looking for a new software engineer when the hiring team came across a promising résumé that someone had submitted.
The applicant claimed experience with non-fungible tokens (NFTs) and other segments of the cryptocurrency market.
"It looked like someone we might hire as an engineer," Wu, who is based in New York, told CNN.
But Wu saw a number of red flags in the applicant, who gave his name as "Bobby Sierra." He spoke in halting English during the interview, kept his web camera off, and could hardly keep his backstory straight as he practically demanded a job at Aztec, according to Wu.
Wu didn't end up hiring "Sierra," who claimed on his résumé to live in Canada.
"It sounded like he was in a call center," Wu said. "It sounded like there were four or five guys in the office, also speaking loudly, also seemingly on interviews or phone calls and speaking a mix of Korean and English."
"Sierra" did not respond to messages sent to his apparent email and Telegram accounts seeking comment.
CNN obtained the résumés the alleged North Korean tech workers submitted to Wu's firm and the cryptocurrency startup founded by Devin. The résumés seem deliberately generic as to not arouse suspicion and used buzzwords popular in the cryptocurrency industry such as "scalability" and "blockchain."
One suspected North Korean operative tracked by Mandiant, the cybersecurity firm, asked numerous questions of others in the cryptocurrency community about how Ethereum works and interacts with other technology, Mandiant said.
The North Korean may have been gathering information about the technology that could be useful for hacking it later, according to Mandiant principal analyst Michael Barnhart.
"These guys know exactly what they want from the Ethereum developers," Barnhart said. "They know exactly what they're looking for."
The fake résumés and other ruses used by the North Koreans will likely only get more believable, said Kim, the former CIA analyst who is now a policy analyst at RAND Corp., a think tank.
"Even though the tradecraft is not perfect right now, in terms of their ways of approaching foreigners and preying upon their vulnerabilities, it's still a fresh market for North Korea," Kim told CNN. "In light of the challenges that the regime is facing -- food shortages, fewer countries willing to engage with North Korea ... this is just going to be something that they will continue to use because nobody is holding them back, essentially."
North Korea is earning foreign currency by placing hackers in disguised jobs at overseas IT companies, the US broadcaster CNN reported on the 10th (local time).
According to CNN, in February "A," the founder of a cryptocurrency startup in San Francisco, received a call from the US Federal Bureau of Investigation (FBI) saying that "the IT developer you hired last summer is a North Korean operative and has been sending tens of thousands of dollars of his salary to North Korea." Devin, who fired him immediately, said, "He claimed to be Chinese and was an excellent hire who had passed several rounds of interviews."
In May the FBI and the US Treasury Department issued an unusual warning that thousands of highly skilled IT workers are providing North Korea with substantial foreign-currency income. North Korean hackers can earn annual salaries of more than $300,000 (about 390 million won), and hand over up to 90% or more of their wages to the North Korean authorities. Soo Kim, a former North Korea analyst at the US Central Intelligence Agency (CIA), said, "North Korea is very aggressive about this. It is different from the usual picture of someone mining cryptocurrency in a basement."
With the recent crash in cryptocurrency prices, the value of the cryptocurrency North Korea has stolen has also plunged. According to Chainalysis, which tracks digital currency, the value of North Korea's cryptocurrency holdings has fallen by more than half, from $170 million (about 221 billion won) at the end of last year to about $65 million (about 84.5 billion won). But because security is weak and sanctions on North Korea are easy to evade, North Korea's revenue generation through cryptocurrency hacking and similar means is expected to continue.
The companies North Korea has targeted span the entire IT sector, from payment processors to recruiting firms. The IT technicians North Korea dispatches remit their salaries home in evasion of UN and US sanctions, and at times also support North Korean hackers in breaking into cryptocurrency or other IT companies.
Former FBI intelligence analyst Nick Carlsen said, "North Korean hackers and the technicians North Korea has sent abroad know each other well," explaining that they cooperate to get hired through open job sites such as LinkedIn. In one example, in 2019 job seekers believed to be North Korean hackers posted job listings on LinkedIn in order to extract information from two European aerospace and defense companies.
Jonathan Wu, head of marketing at Aztec, an Ethereum security company, interviewed a person suspected of being a North Korean IT technician in April. Wu said, "He said he lived in Canada, but his English was poor, his video camera was turned off, and he did not properly explain his background." He added, "It was noisy, as if he were in a call center, and English and Korean could be heard continuously around him."
On North Korean deceptions such as fake résumés, Soo Kim said, "Although the tactics are still rough, cryptocurrency is still a new market for North Korea," adding, "Considering the food shortages and its isolation from the international community, North Korea will keep making use of cryptocurrency."