US Authorities Confiscate 17 Domains Linked to North Korean IT Specialists
US authorities have seized control of 17 domain names that were allegedly used by North Korean IT specialists in a large-scale fraudulent project. The project aimed to bypass international sanctions and finance the Democratic People’s Republic of Korea’s (DPRK) ballistic program. The confiscation was carried out by the Department of Justice.
According to court documents, the IT specialists deceived US and other countries’ companies by hiding their true identities while working for them. The funds earned from October 2022 to January 2023, totaling approximately $1.5 million, were also confiscated as part of this operation.
The Department of Justice revealed that the seized domains were camouflaged to appear as legitimate IT companies based in the United States. However, these domains were linked to Chinese company Yanbian Silverstar and Russian company VoLasys Silver Star, both of which have faced sanctions since 2018.
The list of confiscated domains includes:
- silversstarchina [.] Com
- edenprogram [.] Com
- xinlusoft [.] Com
- foxvsun [.] Com
- Foxysunstudio [.] Com
- foxysunstudios [.] com
- cloudbluefox [.] Com
- cloudfoxhub [.] Com
- mycloudfox [.] Com
- thefoxcloud [.] Com
- Thefoxesgroup [.] Com
- babyboxtech [.] Com
- cloudfox [. ] Cloud
- danielliu [.] Info
- jinyang [.] Asia
- jinyang [.] Services
- ktsolution [.] Tech
Furthermore, US authorities, in collaboration with South Korea, are urging caution when hiring IT freelancers. There is a risk of unknowingly hiring agents from North Korea who work on behalf of Kim Jong-un. These experts are being inserted into foreign companies to assist in stealing important information and distributing harmful software, including spyware.