A group of North Korean hackers were sent to China and required to make up to $100,000 (£72,000) a year for the reclusive regime by any means, or face "severe" consequences.
That's according to one former state hacker, who told Bloomberg about his previous role as a computer expert for the ruthless Kim dynasty. He was not part of the elite hacking unit responsible for cyberattacks on foreign states but instead, he said, a "low-paid labourer".
Still, the tale of Jong Hyok (not his real name) gives fresh insight into how North Korea relies on hacking, cracking and crime to make money and evade sanctions.
He told Bloomberg that after being deployed to China he made money by producing pirate replicas of games and security software for clients to sell online.
He revealed that the hackers would be allowed to keep "less than 10%" of the overall money earned.
Failure to meet demands could result in being sent home. Serious cases – like theft – would lead to being sentenced to "hard labour at a factory or farm".
North Korea has become well-known over the years for targeting banks, casinos and crypto currency exchanges to make money. Its cyber team – often dubbed Lazarus Group – has been linked to the 2014 Sony Pictures leak and the global "WannaCry" ransomware outbreak.
Marcus Hutchins, the expert responsible for stopping WannaCry's spread, tweeted Friday (9 February) that it "makes a lot more sense as some low level hackers trying to make money for the government, rather than an intentionally destructive attack disguised as ransomware".
While Jong said he was not associated with the state's offensive hacking, he did not deny it would happen. "North Korea will do anything for money, even if that means asking you to steal," he said.
It remains unclear if the $100,000 is a demand required of every state hacking team.
In November last year, the former head of GCHQ, the UK intelligence agency, warned that North Korea will continue to use cyberattacks against its perceived global enemies. Most recently, South Korea alleged it could potentially be tied to the huge $530m hack at Tokyo's Coincheck.