The leakage reveals the life of North Korea for Information Technology

Tables show potential targeted functions for IT workers. One sheet, which appears to include daily updates, recounts job descriptions (“You need a new developer and web3”), the companies that are announced, and their locations. It is also associated with vacant signs on independent websites or communication details for those who employ. The “case” case says if they are “waiting” or if there is a “connection”.

It seems that the snapshots of a single prostate sees it for the possible real world names for IT workers themselves. Besides each name, there is a computer -to -making record and style that they have, as well as screens, solid engines, and serial numbers for each device. It seems that “Master Boss”, which does not have an amphitheater, uses a 34 -inch screen and 500 GB hard drive.

One of the “analysis” pages in the data that STYK, the security researcher, shows a list of types of work in which a group of fraudsters participate: AI, Blockchain, web bulldozer, robot development, mobile phone application and web development, trading, CMS development, desktop application development, and “others”. Each category has a possible budget listed and a “total paid” field. Dozens of graphs in one spreadsheet claim to track the amount paid, the most profitable areas to earn money from them, and whether getting a weekly or monthly wage or as a fixed amount is the most successful.

“He runs professionally,” says Barnmart’s Michael Barnhart. Piracy researcher and threat in North Korea Who works for the DTEX threat company. “Everyone must make its shares. Everything should be trampled. Everything should be noticed,” he says. The researcher adds that he saw similar levels of saving records with North Korea is advanced Piracy groupsThat stole billions of dollars in the cryptocurrency in recent years, and is largely separate from the plans of IT workers. Watch the Parnhart data obtained by STTYK and says she is interfering with what he and other researchers were.

“I think this data is very real,” says Evan Jordinker, a consultant director of the Palo Alto Networks intelligence team, who has also seen the data obtained from the data obtained from the Data Sttyk that was also obtained. Gordenker says that the company was following multiple data accounts and that one of the prominent GitHub accounts has previously displays information technology workers files. None of the DPRK email addresses have been answered for WIRED requests for comment.

GitHub removed three developers’ accounts after WIRED, with Raj Laud, president of the online cyber security and safety, said it was suspended in line with the rules of “random mail and unreliable activity”. “The prevalence of the threat activity of the nation -state is a challenge on the level of industry and a complex issue that we take seriously,” says Laud.

Google refused to comment on specific submitted accounts, noting policies on the privacy of the account and safety. “We have operations and policies in force to detect these operations and report them to enforce law,” says Google’s Mike Cinno, director of disclosure and response at Google. “These operations include taking measures against fraudulent activity, notifying the targeted organizations in a proactive way, and working with public and private partnerships to exchange the intelligence of the threat that enhances defenses against these campaigns.”