FBI seizes websites that North Koreans allegedly used to impersonate American companies
CNN —
The FBI has seized multiple websites that North Korean operatives used to impersonate legitimate US and Indian businesses in a likely effort to raise money for the nuclear armed-North Korean regime, according to statements on the websites and security researchers who investigated the activity.
All four websites identified by cybersecurity firm SentinelOne as North Korean fronts on Thursday had a statement in English and Korean saying they had been seized pursuant to a warrant issued by the US District Court of Massachusetts as part of a “coordinated law enforcement action” against the North Korean government. SentinelOne researchers traced the front companies to a larger set of organizations based in China.
Tracking down and thwarting these fake companies is an immense national security challenge that the Biden administration has tried to tackle and that the Trump administration will inherit. About half of North Korea’s missile program has been funded by cyberattacks and cryptocurrency theft, a White House official said last year.
The front companies closely mimicked the websites of multiple US software and consulting firms, and encouraged prospective clients to get in touch, according to SentinelOne’s analysis.
The FBI declined to comment.
The statement from the FBI and other US law enforcement agencies on the seized websites directs visitors to a 2022 warning from US officials that North Korea was using thousands of IT workers abroad to stealthily raise money for the regime.
A CNN investigation that year found that North Korean operatives were aggressively trying to infiltrate US cryptocurrency and other tech firms by posing as other nationalities. One American entrepreneur told CNN that, according to the