North Korea has a variety of schemes to insert their agents into companies in western democracies. They steal intellectual property, they steal money, and there’s a broad base of their people simply being in position, bringing home a paycheck.

Here we see a North Korean agent trying to sneak into the Kraken cryptocurrency platform. The company’s security director was suspicious, and it all unraveled from there. Previously I saw an article about a U.S. national in Arizona who set aside the actual work of running an AirBNB and hosted laptops, instead of actual people. This gave the North Koreans using them the appearance of being within the U.S.

If you’re curious about this sort of work, it’s just basic fraud/pretext approach investigation methods, combined with recognizing what you’ve got. There’s a more technical treatment of the problem in Attribution of Advanced Persistent Threats, by Timo Steffens.

Paranoia: Pathological Or Professional? was eighteen months ago. There was a lot of behavior like this with any sort of online activity - NGOs and social movements formerly put up with a steady flow of much less capable attackers. Like the one step above LARPer jihadi hunters of the teens, that world was formerly flooded, not with the cream of the crop, but with the scum floating on the shallow end of the human gene pool.

The U.S. economy is about to come undone, empty shelves are going to be a feature of our lives later this month. There will be a wave of criminality as those with no other hope try their hand at various things they’d never consider doing in person, but which seem safe with the internet as a buffer. You probably won’t encounter a North Korean spy, but a northern San Leandro scammer? You can count on stuff like that being the new normal.