North Korean remote IT worker scam operation targeting American companies
Campaign
Summary
Hide ▲
Show ▼
A long-running North Korean remote IT worker scam operation used stolen identities and fake placements to embed operators inside more than 100 American companies. The campaign supported DPRK revenue generation and insider access, with facilitators helping workers appear based in the US while using remote access and other concealment methods.
Related Happenings
UNC6508 China-linked REDCap espionage campaign
Campaign
H score39
First: 15.06.2026 17:00
Last: 15.06.2026 17:00
Sources 1
About this happening:
**UNC6508** ran a **China-linked espionage campaign** against **exposed REDCap servers** used by **North American medical, academic, and military research networks**. The operatio...
UNC6508 China-linked REDCap espionage campaign
CampaignAbout this happening: **UNC6508** ran a **China-linked espionage campaign** against **exposed REDCap servers** used by **North American medical, academic, and military research networks**. The operatio...
FBI takedown of Outsider Enterprise phishing service
Law Enforcement
H score63
First: 14.06.2026 17:36
Last: 14.06.2026 17:36
Sources 1
About this happening:
The **FBI** and partners **dismantled** **Outsider Enterprise**, a **phishing-as-a-service** operation tied to **thousands of phishing websites** and large-scale credential theft....
FBI takedown of Outsider Enterprise phishing service
Law EnforcementAbout this happening: The **FBI** and partners **dismantled** **Outsider Enterprise**, a **phishing-as-a-service** operation tied to **thousands of phishing websites** and large-scale credential theft....
U.S. Scam Center Strike Force anti-fraud initiative
Public Sector Action
H score50
First: 04.06.2026 09:06
Last: 04.06.2026 09:06
Sources 1
About this happening:
The **U.S. government** continued **Scam Center Strike Force**, an ongoing anti-fraud initiative aimed at dismantling **cyber-enabled fraud** and **pig butchering** networks targe...
U.S. Scam Center Strike Force anti-fraud initiative
Public Sector ActionAbout this happening: The **U.S. government** continued **Scam Center Strike Force**, an ongoing anti-fraud initiative aimed at dismantling **cyber-enabled fraud** and **pig butchering** networks targe...
Silent Ransom Group US law firm IT impersonation campaign
Campaign
H score36
First: 29.05.2026 16:00
Last: 29.05.2026 16:00
Sources 1
About this happening:
**Silent Ransom Group (SRG)**, also tracked as **UNC3753**, **Chatty Spider**, and **Luna Moth**, is running a **financially motivated data theft extortion campaign** against **do...
Silent Ransom Group US law firm IT impersonation campaign
CampaignAbout this happening: **Silent Ransom Group (SRG)**, also tracked as **UNC3753**, **Chatty Spider**, and **Luna Moth**, is running a **financially motivated data theft extortion campaign** against **do...
Ramanan Pathmanathan eight-year sextortion campaign targeting 145+ children
Campaign
H score14
First: 28.05.2026 12:25
Last: 28.05.2026 12:25
Sources 1
About this happening:
A **Ramanan Pathmanathan** sextortion campaign targeted **more than 145 children** across the **United States**, using fake social accounts and video chats to coerce minors and ca...
Ramanan Pathmanathan eight-year sextortion campaign targeting 145+ children
CampaignAbout this happening: A **Ramanan Pathmanathan** sextortion campaign targeted **more than 145 children** across the **United States**, using fake social accounts and video chats to coerce minors and ca...
Timeline
-
16.04.2026 19:00 4 articles · 2mo ago
US Justice Department sentences Kejia Wang and Zhenxing Wang for North Korean IT worker scam
Legal Policy Action UpdateThe US Justice Department announced that Kejia Wang, 42, and Zhenxing Wang, 39, were sentenced for helping run North Korean remote IT worker scams that used stolen identities of at least 80 American citizens to deceive more than 100 American companies and generate more than $5m for the DPRK.
Show sources
- US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea — www.infosecurity-magazine.com — 16.04.2026 19:00
- US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea — www.infosecurity-magazine.com — 16.04.2026 19:00
- US: Five Plead Guilty in North Korean IT Worker Fraud Scheme — www.infosecurity-magazine.com — 17.11.2025 13:15
- Japan, South Korea Take Aim at North Korean IT Worker Scam — www.darkreading.com — 04.09.2025 04:00
-
16.04.2026 19:00 1 articles · 2mo ago
Public reporting details the multi-year North Korean remote IT worker scheme
Campaign Scope UpdateThe multi-year campaign used stolen identities to obtain remote IT worker roles at more than 100 organizations, including several Fortune 500 companies, and gave North Korean operators remote access to company laptops so they could steal sensitive data and source code from firms including military contractors and AI companies.
Show sources
- US Nationals Jailed for Operating Fake Remote Worker Laptop Farms for North Korea — www.infosecurity-magazine.com — 16.04.2026 19:00