Execs in Japan busted for winning dev bids then outsourcing to North Koreans

Two executives were issued arrest warrants in Japan on Wednesday, reportedly for charges related to establishing a business that outsourced work to North Korean IT engineers.

At least one of the individuals – a 53 year old named Pak Hyon-il – is a South Korean national. His alleged accomplice, 42-year old Toshiron Minomo, is Japanese and once worked for Hyon-il, according to local media.

Pak served as president of Fuchu-based IT firm ITZ, while Minomo was the head of Fukuyama-based Robast.

Robast reportedly obtained application development work from Japanese customers through a business brokering website, then outsourced it to North Koreans – who the executives may have believed were living in China. The action is believed to have been carried out without the knowledge or consent of the customers.

The police suspect Pak may have ties to a person in charge of the Hermit Kingdom's foreign currency acquisition activities, and are investigating whether the money may have gone to North Korea, according to reports.

The authorities reportedly found suspicious remittances to North Korean IT engineers from Robast while investigating a case involving development of a smartphone app, that violated Japan's banking act.

Warrants from the Kanagawa and Hiroshima Prefectural Police reportedly accuse the duo of filing and using false electronic notarized records to inflate Robast's registered capital to 3 million yen (nearly $20,000). It is unknown at this time how much capital existed in reality. Pak and Minomo have also been accused of unemployment benefit fraud.

While hiring a North Korean to do some dev work may seem cheap and efficient, it comes with many potential side effects – including malware and other cyber security risks.

Its also very likely that by hiring a North Korean, an entity is contributing foreign currency and slush funds for a despot's activities – both legal and illegal – while violating sanctions domestically.

Last October, the US and South Korean authorities released updated guidance on how to avoid hiring North Korean agents. Handy scenarios to watch out for include threats to release proprietary source code if additional payments are not made, using a freight forwarder's address for company equipment, or unavailability to attend drug tests or in-person meetings.

On Tuesday, the Japanese government isused its own warning regarding North Korean IT contractors posing as Japanese nationals. The notice advised that North Korean workers – abroad or remote – were being used to finance North Korea's nuclear and missile development, and may be involved in their home nation's malicious cyber activities.

Warning signs include unnatural or non-proficient use of the Japanese language, dodgy use of IP addresses, and names used not matching names for payment. ®