Comment by NitpickLawyer

Comment by NitpickLawyer 16 hours ago

6 replies

View on Hacker News

> Why this is being discussed publicly? It seems way more reasonable to inform IT companies directly, or investigate it outside media attention.

One key component for this scheme to work is to have local US persons act as intermediaries. While some may already know something shady is going on, and be complicit, some might not understand the entire scope of what they're being part of. Publicly discussing it might encourage some people to come forward / avoid being involved in the future.

fuzzzerd 12 hours ago

Living up to your screen name I see, but in all seriousness, I fully agree. The average person running the laptops in a spare bedroom may have no idea the scope of what they're involved with. Especially if they're being duped as well.

Imagine a non technical person being told they're helping run an "edge data center, close to the users. Running our laptops helps Netflix/facebook/etc (insert big tech name of your choice) run faster for you and your neighbors and well pay you to do it."

Easy to imagine a non technical person buying that lie.

Reply View 4 replies
  • alganet 10 hours ago

    I'm having a hard time understanding your imagined scenario.

    Can you please explain it better?

    Reply View 3 replies
    • fuzzzerd 7 hours ago

      NK "fake employee" finds a non technical American to run their laptop farm by lying to them that running these laptops is helping make their access to some service faster.

      Reply View 2 replies
      • alganet 7 hours ago

        Sounds very convoluted.

        I'm sure many, many countries have botnets. I have a bunch of those countries which I consider irresponsible and wreckless in my radar, not only north korea.

        Reply View 1 reply
        • NitpickLawyer 4 hours ago

          These aren't botnets in the traditional sense. These operations need a US-based laptop (they receive it by mail, from the "target" corporation upon employment) and they also need the mini-kvm device to be plugged in. Then the remote agents connect via that kvm, to make detection harder. To an enterprise IDS/IPS the laptop seems connected from a residential, US IP address (expected).

          They've already arrested some people involved in this, they have devices as evidence. It's pretty well documented at this point.

          Reply View 0 replies
alganet 10 hours ago

My imagination is very expansive, I can come up with grand scopes that movies and conspiracy theorists would never dream of.

Reality is much simpler though. Greed, I already said it. Typical human defects.

It seems that you are not comprehending who needs to come forward. Entire industries, entire parties. They simply won't, they would rather see the world burn than admit such mistakes. It has happened before.

Reply View 0 replies