Spotted a Weird Github Organization? It Might be DPRK!
DPRK IT workers are quietly running polished GitHub organizations to win contracts and launder reputation. We map the networks, tactics, and tells.
DPRK
Understanding DPRK IT Worker Activity - Conversations and Insights
A comprehensive analysis of the tactics, behaviors, and operational patterns of North Korean (DPRK) IT workers.
DPRK IT Worker-Related Account Takeover
A DPRK IT worker-turned-hacker gains (partial) control over the Waves (Fraud) Protocol.
DPRK IT Workers in Open Source and Freelance Platforms
A cluster of actors discovered in onlyDust.com freelancer platform and beyond
Russian accent in the DPRK related cyber operations
Unusual Discoveries in DPRK IT Worker Profiles connected to Russia
From One North Korean To Four North Koreans To Five Threats
Comingled multiple types of threats hidden within single North Korean operation.
DPRK IT Workers threat in Open Source Organizations
Why should you care about the North Korean contributors. Describing risks associated with DPRK IT Workers for organizations.
Malicious Github Accounts with gh-fake-analyzer
On classifying GitHub profiles as potentially malicious using gh-fake-analyzer.
Ketman's Guide to Identifying a Suspicious Github Account Associated with DPRK
The investigation into the threat actor associated with DPRK activities has revealed several interesting insights into how to track this actor's activity based on their own presentation on GitHub.