Entités

Laptop farms

Incidents implicated systems

Incident 111837 Rapports
Ongoing Purported AI-Assisted Identity Fraud Enables Unauthorized Access to Western Companies by North Korean IT Workers

2021-01-01

North Korean operatives have reportedly used AI-generated identities to secure remote jobs or impersonate employers in order to infiltrate companies. These tactics allegedly support sanctions evasion through wage theft, credential exfiltration, and malware deployment. Workers reportedly use fake resumes, VPNs, and face-altering tools; some deploy malware like OtterCookie after embedding, while others lure targets via spoofed job interviews. AI systems are reportedly used to generate fake resumes, alter profile photos, and assist in real-time responses during video interviews.

Plus

Entity

Reconnaissance General Bureau

Plus
Entity

Lazarus Group

Plus
Entity

Government of North Korea

Plus
Entity

Department 53

Plus
Entity

North Korean threat actors

Plus
Entity

Famous Chollima

Plus
Entity

PurpleBravo

Plus
Entity

WaterPlum

Plus
Entity

Minh Phuong Ngoc Vong

Plus
Entity

Sim Hyon-Sop

Plus
Entity

Kim Sang Man

Plus
Entity

Christina Chapman

Plus
Entity

Wagemole

Plus
Entity

UNC5267

Plus
Entity

Void Dokkaebi

Plus
Entity

Contagious Interview

Plus
Entity

Gwisin Gang

Plus
Entity

Matthew Isaac Knoot

Plus
Entity

Yang Di

Plus
Entity

Jong Song Hwa

Plus
Entity

Kim Ryu Song

Plus
Entity

Ri Kyong Sik

Plus
Entity

Rim Un Chol

Plus
Entity

Kim Mu Rim

Plus
Entity

Cho Chung Pom

Plus
Entity

Hyon Chol Song

Plus
Entity

Son Un Chol

Plus
Entity

Sok Kwang Hyok

Plus
Entity

Choe Jong Yong

Plus
Entity

Ko Chung Sok

Plus
Entity

Kim Ye Won

Plus
Entity

Jong Kyong Chol

Plus
Entity

Jang Chol Myong

Plus
Entity

Unknown large language model developers

Plus
Entity

Unknown deepfake technology developers

Plus
Entity

OpenAI

Plus
Entity

Western companies

Plus
Entity

Companies in the United States

Plus
Entity

Employers

Plus
Entity

Cryptocurrency platforms

Plus
Entity

Developers

Plus
Entity

Interviewees

Plus
Entity

macOS users

Plus
Entity

Recruitment teams

Plus
Entity

Hiring managers

Plus
Entity

Human resources staff

Plus
Entity

Web3

Plus
Entity

Blockchain projects

Plus
Entity

Internal Revenue Service

Plus
Entity

IRS

Plus
Entity

Social Security Administration

Plus
Entity

SSA

Plus
Entity

Andrew M.

Plus
Entity

Oleksandr Didenko

Plus
Entity

Jiho Han

Plus
Entity

Haoran Xu

Plus
Entity

Chunji Jin

Plus
Entity

Video interview platforms

Plus
Entity

Unknown large language models

Plus
Entity

Unknown deepfake technology

Plus
Entity

Freelance platforms

Plus
Entity

Document verification systems

Plus
Entity

Digital identity verification services

Plus
Entity

ChatGPT

Plus
Entity

BYOD (Bring Your Own Device)

Plus
Entity

Flashpoint-detected info-stealing malware

Plus
Entity

Zoom

Plus
Entity

WebSocket-based C2

Plus
Entity

ARP packet signaling

Plus
Entity

Raspberry Pi Zero

Plus
Entity

OtterCookie

Plus
Entity

OtterCookie v3

Plus
Entity

OtterCookie v4

Plus
Entity

BeaverTail

Plus
Entity

InvisibleFerret

Plus
Entity

AgencyHill99

Plus
Entity

GitHub

Plus
Entity

Astrill VPN

Plus
Entity

FTP exfiltration

Plus
Entity

Remote admin tools

Plus
Entity

Job boards

Plus
Entity

Upwork

Plus
Entity

remote3

Plus