Friday, 10 Oct 2025
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • DMCA
logo logo
  • World
  • Politics
  • Crime
  • Economy
  • Tech & Science
  • Sports
  • Entertainment
  • More
    • Education
    • Celebrities
    • Culture and Arts
    • Environment
    • Health and Wellness
    • Lifestyle
  • 🔥
  • Trump
  • VIDEO
  • House
  • White
  • ScienceAlert
  • Trumps
  • Watch
  • man
  • Health
  • Season
Font ResizerAa
American FocusAmerican Focus
Search
  • World
  • Politics
  • Crime
  • Economy
  • Tech & Science
  • Sports
  • Entertainment
  • More
    • Education
    • Celebrities
    • Culture and Arts
    • Environment
    • Health and Wellness
    • Lifestyle
Follow US
© 2024 americanfocus.online – All Rights Reserved.
American Focus > Blog > Tech and Science > CrowdStrike Exposes North Korea’s Covert Workforce In U.S. Tech
Tech and Science

CrowdStrike Exposes North Korea’s Covert Workforce In U.S. Tech

Last updated: August 26, 2024 7:15 pm
Share
CrowdStrike Exposes North Korea’s Covert Workforce In U.S. Tech
SHARE


Sign up for our daily and weekly newsletters to stay informed with the latest updates and exclusive content covering AI in various industries. Learn More







A recent report from CrowdStrike reveals that North Korean nation-state attackers have successfully infiltrated more than 100 covert team members into U.S.-based aerospace, defense, retail, and technology companies by posing as job applicants.





The report exposes how the North Korea-linked adversary group FAMOUS CHOLLIMA has been using falsified and stolen identity documents to secure employment as remote I.T. personnel, allowing them to carry out espionage activities and data exfiltration unnoticed.





Associated with North Korea’s advanced cyberwarfare organizations, the Reconnaissance General Bureau (RGB) and Bureau 75, FAMOUS CHOLLIMA specializes in insider threats at scale, using their positions to earn salaries funneled back to North Korea for weapons programs while conducting espionage operations.





“The most concerning aspect of FAMOUS CHOLLIMA’s campaign is the extensive insider threat it poses. CrowdStrike has identified over a hundred victims, mostly from U.S. companies that unknowingly hired North Korean operatives,” said Adam Meyers, head of counter adversary operations at CrowdStrike.





These individuals infiltrate organizations, particularly in the tech sector, not to contribute but to divert stolen funds to the regime’s weapons program,” Meyers added.





North Korea Seizes Opportunity to Exploit Trust





“The increase in North Korean remote work schemes highlights how adversaries are taking advantage of the trust in our remote work environment,” noted Meyers in an interview with VentureBeat.





With remote work becoming the norm post-COVID, North Korea saw an opportunity to exploit the lack of verification and security in remote hiring processes. Targeting over 100 companies with malicious insiders, FAMOUS CHOLLIMA orchestrated a coordinated campaign to infiltrate organizations and lead insider attacks.

See also  What if Infinity Didn’t Exist?




“After COVID, remote onboarding became the norm, and thus we’ve seen stolen identities being used to pass security checks and land jobs and then used to exfiltrate data or steal funds. Fifty percent of the cases CrowdStrike observed were used for data exfiltration. The processes created to facilitate remote work are being weaponized against us,” Meyers explained.





Anatomy of North Korea’s Insider Threat Attack





“Many underestimate North Korea’s cyber capabilities, dismissing them as a ‘hermit kingdom.’ However, they have been investing in cyber talent since the late 1990s, focusing on STEM education from a young age. This sophisticated campaign shows they are a sophisticated adversary that must be taken seriously,” Meyers emphasized.





Starting in 2023, FAMOUS CHOLLIMA targeted 30 U.S.-based companies in aerospace, defense, retail, and technology, posing as U.S. residents applying for remote IT positions. Once hired, they carried out minimal job tasks while attempting to exfiltrate data using various tools like Git, SharePoint, and OneDrive.





Malicious insiders also installed Remote Monitoring and Management (RMM) tools to maintain persistence within compromised networks, enabling them to execute commands, establish footholds, and move laterally without detection. CrowdStrike’s report highlighted a 70% year-over-year increase in adversary use of RMM tools.





In April 2024, CrowdStrike Services responded to incidents where FAMOUS CHOLLIMA insiders targeted more than 30 U.S.-based companies, ultimately uncovering a coordinated campaign across multiple sectors.





FBI and DOJ Response to Insider Threats





The FBI issued an alert warning businesses about North Korea’s activities, while the Department of Justice swiftly acted against individuals involved in facilitating the schemes. Indictments revealed how North Korean operatives gained access to IT firms and ran laptop farms to funnel funds to North Korea’s weapons program.

See also  Meta fixes error that exposed Instagram users to graphic and violent content




“The Justice Department arrested a Tennessee man for running a laptop farm scheme that helped North Korean I.T. workers secure remote jobs at Fortune 500 companies. This aligns with CrowdStrike’s findings on FAMOUS CHOLLIMA’s activities,” Meyers concluded.
TAGGED:CovertCrowdStrikeExposesKoreasNorthTechU.SWorkforce
Share This Article
Twitter Email Copy Link Print
Previous Article California Woman Accused of Posing as Russian Cop in Attempted Child Abduction California Woman Accused of Posing as Russian Cop in Attempted Child Abduction
Next Article ‘The time has come for policy to adjust’ ‘The time has come for policy to adjust’
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts

Minn. dad Anthony Nephew ranted against Trump, killed family in murder-suicide

A tragic incident unfolded in Minnesota as a father, Anthony Nephew, took the lives of…

November 10, 2024

Democrats To Hold The Line As Mike Johnson’s CR To Fail In The Senate

PoliticusUSA operates independently, free from any political party’s influence. We invite you to support our…

September 20, 2025

Dubai weather report for September 21 for India vs Pakistan Super 4 match

Team India is set to face off against Pakistan in the Asia Cup 2025 Super…

September 20, 2025

Scientists recreate lost recipes for a 5,000-year-old Egyptian blue dye

The ancient pigment known as Egyptian blue has long been a mystery, with the original…

June 3, 2025

Even the richest Americans face shorter lifespans than their European counterparts, study finds

A recent study published in the New England Journal of Medicine has revealed some concerning…

April 15, 2025

You Might Also Like

The rogue heroes fight arcane magic in the first trailer for The Mighty Nein
Tech and Science

The rogue heroes fight arcane magic in the first trailer for The Mighty Nein

October 10, 2025
Babies Are Born with Alzheimer’s-Linked Proteins in Their Brains. Scientists Want to Know Why
Tech and Science

Babies Are Born with Alzheimer’s-Linked Proteins in Their Brains. Scientists Want to Know Why

October 10, 2025
Transforming Presidential Health Care: Insights from a Former White House Doctor
Tech and Science

Transforming Presidential Health Care: Insights from a Former White House Doctor

October 10, 2025
K reward offered in unsolved River North mass shooting that left 4 dead, 14 wounded – CWB Chicago
Crime

$10K reward offered in unsolved River North mass shooting that left 4 dead, 14 wounded – CWB Chicago

October 10, 2025
logo logo
Facebook Twitter Youtube

About US


Explore global affairs, political insights, and linguistic origins. Stay informed with our comprehensive coverage of world news, politics, and Lifestyle.

Top Categories
  • Crime
  • Environment
  • Sports
  • Tech and Science
Usefull Links
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • DMCA

© 2024 americanfocus.online –  All Rights Reserved.

Welcome Back!

Sign in to your account

Lost your password?