Home remodeling and architectural design are among the new areas North Korean IT workers are expanding into in an effort to continue to make money to fund their country’s weapons of mass destruction program, a source told Fortune. The IT worker scam, which has collected billions for North Korea, is innovating beyond remote tech work after being disrupted by law enforcement; even the most mundane tasks are under threat.
A candidate for Oregon’s state legislature—who was later elected to represent southwest Portland and East Beaverton—had her team hire a designer for her campaign website last year. According to a staff member familiar with the work, the web developer was hired from freelance platform Upwork after a phone interview. There were no red flags during the interview process, nor did the developer indicate that there would be anyone else working on the website, the staffer said. The contract started May 10, the site went live around mid-July, and the contract ended on August 27. The budgeted cost was $2,000. However, the web developer hired to design the site had a subcontractor handle minor edits at the end of the project. A North Korean information technology worker, known and tracked by cybersecurity professionals around the world, logged into the WordPress content management system on the backend of the campaign website using credentials linked to the web developer.

Full report : Tech companies have a big remote worker problem: North Korean operatives.