Nick Roy
@superducktoes.bsky.social
📤 33
đź“Ą 21
đź“ť 9
nkinternet.wordpress.com
My favorite DPRK IT workers are the ones just straight up trying to export surveillance software
loading . . .
Made for Export: North Korea’s Software Catalog
An email discovered last year that was sent from North Korea’s internet infrastructure offers a rare look at how DPRK software developers market their work abroad. While most recent reporting has focused on North Korean IT workers fraudulently obtaining jobs at Western companies, the documents attached to this message appear to represent something different: a catalog of domestically developed software being pitched to commercial partners overseas.
http://nkinternet.com/2026/03/10/made-for-export-north-koreas-software-catalog/
2 days ago
0
1
0
Hunting For North Korean Fiber Optic Cables Before we go any further, one thing that I want to make clear is that the word assume is going to be doing some heavy lifting throughout this post. This was a rabbit hole that I recently went down and I probably have more questions than answers, but I…
loading . . .
Hunting For North Korean Fiber Optic Cables
Before we go any further, one thing that I want to make clear is that the word assume is going to be doing some heavy lifting throughout this post. This was a rabbit hole that I recently went down and I probably have more questions than answers, but I still wanted to document what I had found so far. If you have additional information or findings you want to share, as always feel free to reach out: …
http://nkinternet.com/2025/12/08/hunting-for-north-korean-fiber-optic-cables/
3 months ago
0
4
2
part 2 of digging into north koreas vpn
loading . . .
Hangro: Investigating North Korean VPN Infrastructure Part 2
If you haven’t seen part 1, it provides an overview of the service as well as the domains and IPs supporting the infrastructure. Continuing my analysis of the Hangro VPN IPs and service I started querying the IPs directly as well as started taking some first steps towards reversing an older sample of the Hangro VPN client. Using OpenSSL as well as a few other tools provided some additional details on how the VPN functions.
https://nkinternet.wordpress.com/2025/07/16/hangro-investigating-north-korean-vpn-infrastructure-part-2/
8 months ago
1
0
0
North Korea Offline With Invalid Routes for AS131279 On March 18, 2025, at around 9:38 AM UTC, connectivity to AS131279 dropped. Shortly after, at 9:50 AM UTC, a change in the Start of Authority (SOA) record and an update to the Route Origin Authorization (ROA) were detected. The update introduced…
loading . . .
North Korea Offline With Invalid Routes for AS131279
On March 18, 2025, at around 9:38 AM UTC, connectivity to AS131279 dropped. Shortly after, at 9:50 AM UTC, a change in the Start of Authority (SOA) record and an update to the Route Origin Authorization (ROA) were detected. The update introduced a new ROA for 175.45.176.0/22, authorizing AS131279 as the origin but setting a maximum prefix length of /22. Previously, AS131279 had been announcing four /24s (175.45.176.0/24, 175.45.177.0/24, etc.), which had not been marked as invalid.
https://nkinternet.wordpress.com/2025/03/18/north-korea-offline-with-invalid-routes-for-as131279/
12 months ago
0
0
0
North Korea whois records hijacked?
loading . . .
North Korea whois records hijacked?
https://nkinternet.wordpress.com/2025/02/23/north-korea-whois-records-hijacked/
about 1 year ago
0
0
0
Someone having a bad day in North Korea. Whois records just changed
about 1 year ago
0
0
0
Hangro: Investigating North Korean VPN Infrastructure Part 1 In a post from a now-deleted user on the webdev subreddit, someone asked about how to acquire a .kp TLD. While there were a few decent responses, the original poster shared an update: they successfully obtained a domain but noted that a…
loading . . .
Hangro: Investigating North Korean VPN Infrastructure Part 1
In a post from a now-deleted user on the webdev subreddit, someone asked about how to acquire a .kp TLD. While there were a few decent responses, the original poster shared an update: they successfully obtained a domain but noted that a VPN is required to access the website. This raised intriguing questions about VPN usage in North Korea. While several VPN providers claim to operate from North Korea, most merely offer false IP geolocation.
https://nkinternet.wordpress.com/2025/01/06/hangro-north-korean-vpn-infrastructure/
about 1 year ago
0
2
0
you reached the end!!
feeds!
log in