Suspect in K.L. ran illegal websites for North
Ri, an IT expert, entered Malaysia last August to supposedly work at Tombo Enterprise, a small local herbal supplement firm.
But a government source told the JoongAng Ilbo Wednesday his actual job was running illegal websites, a lucrative source of foreign currency for the North Korean regime that evades international sanctions.
“As earning foreign currency became difficult because of international sanctions, North Korea had been seeking roundabout methods of sending workers overseas to bring in cash, and the field that had the highest value was the IT area,” the source said.
“North Korea sends IT experts under the pretext of working as techies in a foreign country. Actually they operate illegal gambling or pornographic sites, engage in hacking or develop games to earn cash to send back home.”
On Friday, the 47-year-old Ri was arrested in Malaysia as a suspect in the assassination of the estranged half-brother of Pyongyang’s leader Kim Jong-un at Kuala Lumpur International Airport on Feb. 13.
Ri, according to his work visa, was registered since 2013 as an employee in the IT department of Tombo Enterprise, a local herbal medicine company. But he apparently didn’t earn a salary from the company.
Chong Ah Kow, president of Tombo Enterprise, told police that Ri’s employment documents said he was a graduate of Kim Chaek University of Technology and that he majored in software engineering.
But Chong said Ri did not work for him.
North Korea’s Kim Chaek University is famous for producing hackers.
Chong added that Ri asked for the employment of other North Koreans. There is a possibility that Ri could have been responsible for helping other IT experts settle in Southeast Asia countries.
Ri, unlike some other suspects in the assassination of Kim Jong-nam, did not flee the country but stayed in Malaysia, perhaps because of his role operating such sites.
A diplomatic source pointed out, “His original task was to earn foreign cash, so he did not leave Malaysia, his stronghold, after the assassination.”
Since the 2000s, Southeast Asia has been a good location for North Korea’s cyber experts to earn foreign cash. Some countries have good relations with North Korea, enabling easy entry and departure from them.
If they have weak cyber security as well, it’s an ideal position for trained hackers.
A group of eight North Koreans were arrested in Cambodia in 2014 for operating gambling websites including a football-related one.
Last March, North Korean hackers produced a game in Thailand that tried to send malicious code to South Korea.
Yoo Dong-yeol, director of the Korea Institute of Liberal Democracy, said, “There are around 6,800 hackers active in North Korea. They bring in around $860 million annually through online gambling sites and international scams.”
An intelligence official said, “Through this case, Southeast Asian countries’ perception of North Korea has sharply worsened and is expected to have a considerable impact on these countries being a foothold for North Korean agents.”
Aside from IT experts, the government estimates that there are between 300 to 500 North Koreans working around the Borneo Island area.
BY YOO JEE-HYE, SARAH KIM [firstname.lastname@example.org]