Uncovered: A North Korean IT Professional Serves a Year at Fisker Before Being Exposed as a Cyber Spy
In a concerning development, recent intelligence suggests that North Korean actors have been targeting companies in the cryptocurrency and automotive sectors. One such company, Fisker Inc., an electric carmaker based in Manhattan Beach, unknowingly hired Kou Thao, a covert North Korean spy.
Thao, who joined Fisker in October 2021, used a fraudulent Arizona address connected to another conspirator, Christina Chapman. Chapman, who has been identified as a North Korean operative, set up laptops to give North Korean operatives remote access via networks in Russia and China.
The FBI has highlighted North Korea as a persistent, highly capable threat to organisations in the cryptocurrency space, and their cyber actors are running sophisticated, hard-to-detect social engineering campaigns targeting employees in the decentralized finance (DeFi) and cryptocurrency sectors.
Fisker CEO Henrik Fisker did not comment on the matter, citing the ongoing FBI investigation. However, it was revealed that Thao was involved in an elaborate money laundering scheme targeting the automotive industry.
The financial fallout from Thao's espionage may have contributed to Fisker's bankruptcy filing in June 2024, nine months after Thao's dismissal. It is important to note that Fisker was not the only automaker impacted by this scheme; other major American automotive manufacturers were also targeted.
The identity of the other affected automaker is undisclosed, but both General Motors and Ford Motor Company are Detroit-based. North Korean spies have been infiltrating U.S. companies through IT roles, often in low-level positions.
The FBI has issued warnings about North Korean spies in the finance and crypto sectors, and these attacks are complex and can compromise even well-prepared cybersecurity professionals. As the threat continues to evolve, it is crucial for companies to remain vigilant and take necessary measures to protect their assets and intellectual property.
- The FBI's warnings about North Korean spies extend beyond the cryptocurrency and automotive sectors, encompassing finance, technology, general news, and crime-and-justice, as these cyber actors pose a persistent and highly capable threat to organizations in these domains.
- As the threat of North Korean espionage continues to evolve, it is not only crucial for companies in the cryptocurrency and automotive sectors to remain vigilant, but also for those in finance, technology, general news, and crime-and-justice to bolster their cybersecurity, protect their assets, and safeguard their intellectual property.
