North Korean IT Workers Intensify Targeting of European Companies

DPRK operatives use fake identities to infiltrate sectors like blockchain and defense, escalating extortion and data theft to fund weapons programs.

North Korean IT workers are increasingly targeting European firms, particularly in Germany, Portugal, and the UK, as part of a global expansion of their operations.
These operatives use fabricated identities, AI-generated credentials, and fake references to secure remote jobs in sectors such as blockchain, AI, and defense.
Up to 90% of the wages earned by these workers are funneled to the North Korean regime to finance its weapons and missile programs.
Recent reports highlight a rise in extortion attempts, with workers threatening to leak sensitive data from former employers to maintain revenue streams.
Facilitators in Europe and the U.S. aid these schemes by bypassing identity verification and routing payments through cryptocurrency and other methods to obscure their origins.