#Strider Technologies #North Korea #PRC

Exposure of Chinese Companies Involved in North Korean Cyber Operations

Strider Technologies has recently published an eye-opening report detailing how a network of companies based in the People's Republic of China (PRC) may be facilitating illicit activities related to North Korea's IT worker schemes. This critical analysis highlights the intricate web of connections that allow North Korean operatives to infiltrate Western organizations, exploit sensitive data, and fund prohibited military programs.

Background of the Investigation

The report, titled Inside the Shadow Network North Korean IT Workers and Their PRC Backers, sheds light on the operations of North Korean actors in collaboration with PRC-based entities. These partnerships are primarily aimed at accessing digital platforms and employment systems to generate revenue for the Democratic People’s Republic of Korea (DPRK) while laundering the proceeds from these ventures.

According to Strider, these North Korean operatives disguise themselves as freelance developers or engineers, executing coordinated efforts to infiltrate enterprises in the West. The report specifies that a sanctioned PRC-associated company has been identified by the U.S. Department of the Treasury for supplying IT equipment to Department 53, a unit under the DPRK's Ministry of National Defense. This department is known for its weapons trading, generating revenue through various sectors, including IT.

Uncovering the Shadow Network

The investigation revealed that the flagged company is linked to a shadow network comprising 35 additional PRC-based companies. These entities not only assist in laundering proceeds but also play an integral role in furthering North Korean digital strategies. Their covert operations exploit global freelancing platforms and employ a mix of fake identities and front organizations to operate without detection.