The US has seized 17 website domains used by North Korean IT workers in a scheme targeting US and foreign businesses, aiming to fund the government’s weapons program. According to the US Justice Department, North Korea dispatched these workers, largely to China and Russia, with the aim of deceiving businesses into hiring them as freelancers. The fraudulent workers made millions through this scheme for North Korea. These particular IT workers had been sanctioned by the Department of the Treasury in 2018.

North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to