Tables show possible target jobs for IT workers. One sheet, which appears to be updated daily, lists job details (“a new react and web 3 developer”), the companies advertising them, and their locations. It also includes contact details for vacancies or recruitment on freelance websites. A “situation” column states whether they are “waiting” or if “contact” has been made.
Screenshots of a spreadsheet viewed by Wired appear to list the potential real-world names of the IT workers themselves. Alongside each name is a register of the make and model of the computer that is allegedly theirs, as well as monitors, hard drives, and serial numbers for each device. The “Master Boss,” who does not have a name listed, is apparently using a 34-inch monitor and two 500 GB hard drives.
The data viewed by Sttyk, the security researcher, shows an “analysis” page with a list of the types of work the group of fraudsters takes on: AI, blockchain, web scraping, bot development, mobile app and web development, trading, CMS development, desktop app development, and “other.” Each category has a possible budget listed and a “total payment” field. A dozen graphs in a spreadsheet claim to track how much they have been paid, which fields are the most lucrative to make money from, and whether payment is weekly, monthly, or a fixed amount.
“It is a professional running,” says Michael “Barni” Barnhart, a prominent North Korean hacking and threat researcher who works for the insider threat security firm DTEX. “Everyone has to make their quota. Everything needs to go down. Everything needs to be noted,” he says. Researchers say that they have seen the same level of record keeping with North Korea’s sophisticated hacking groups, which have stolen billions in cryptocurrency in recent years and are largely separate from the IT worker schemes. Barnhart has seen the data obtained by Sttyk and said that he and other researchers were tracking.
“I think this data is very real,” says Evan Gordenker, a senior manager in the Unit 42 threat intelligence team at cybersecurity company Palo Alto Networks, who has seen the data obtained by Sttyk. Gordenker says that the firm was monitoring many accounts in the data and that one of the major GitHub accounts was publicly highlighted by the first IT workers’ files. The DPRK-linked email address did not respond to Wired’s requests for comment.
GitHub removed three developer accounts after being contacted by Wired, with Raj Laud, the company’s head of cybersecurity and online security, saying they have been suspended in line with its “spam and inauthentic activity” rules. “The prevalence of such nation-state danger activity is an industry-wide challenge and is a complex issue that we take seriously,” Laud says.
Google refused to comment on the specific accounts provided, citing policies around account confidentiality and security. “We have procedures and policies to detect these tasks and report them to law enforcement,” Mike Sinno of Google says. “These procedures strengthen the defense against these campaigns to take action against fraud activity, consistently informing target organizations and working with public and private participation.”