North Korean IT Workers Escalate Infiltration of European Companies

DPRK operatives target blockchain and AI projects, leveraging fake identities and extortion to fund weapons programs.

North Korean IT workers have shifted focus to Europe, targeting organizations in Germany, Portugal, and the UK after increased scrutiny in the U.S.
Operatives use fabricated identities, fake credentials, and AI tools to secure remote IT jobs and evade detection.
Up to 90% of earnings from these jobs are funneled to the DPRK regime to support its weapons and nuclear programs.
Recent cases reveal infiltration of blockchain and AI projects, with some operatives engaging in data theft and extortion after being fired.
Governments and cybersecurity experts urge enhanced hiring scrutiny and sanctions enforcement to counter this growing threat.