Associated Incidents
![[Asia Issue] ‘Fake Applicants’ with AI-Made Faces… Infiltrating Japanese IT Company Interviews, Suspicions of North Korean Undercover Employment](https://res.cloudinary.com/pai/image/upload/f_auto/q_auto/c_fill,h_480/v1/legacy/d41d8cd98f00b204e9800998ecf8427e)
It appears that the facial photos and career information of a real person were exploited, and experts are paying attention to the possibility that this is linked to cases where North Korean IT personnel are working undercover at overseas companies to earn foreign currency.
According to a report by the Yomiuri Shimbun on the 19th, a man who introduced himself as "Kefumi Yoshitake" appeared during an online mid-career recruitment interview conducted by an IT company in Tokyo earlier this month. He stated, "I was born and raised in the United States, so my Japanese is poor," and expressed a desire for completely remote work from overseas. When the company representative (30) explained that "commuting to work is a prerequisite," the applicant said, "Then excuse me," and ended the interview in about two minutes.
The man had submitted an English resume through a Japanese talent platform, which included his work experience at a major Japanese company and the phrase "Japanese: Native." However, after the interview, the representative became suspicious and accessed the business social media page listed on the resume, revealing the profile of Kenbun Yoshii (41), CEO of the domestic IT company "Reunion Software" (Tokyo). The educational background and work experience listed on the resume also matched Mr. Yoshii's actual information.
After receiving and reviewing the interview video provided by the company, CEO Yoshii stated, "It appears that my face was spoofed (false identity) using AI with photos and videos of myself that were publicly available on the internet," adding, "It was chilling and frightening." He reported that after requesting information regarding the matter via X (formerly Twitter), he was flooded with numerous messages stating, "An applicant with the same name has also applied to our company."
Based on the interview video received from CEO Yoshii, the Yomiuri Shimbun commissioned three organizations to analyze the footage: Navras, a venture company from the University of Tokyo possessing deepfake detection technology, and Okta, a major U.S. IT company. As a result of the investigation, all three organizations analyzed the footage as having "a high probability of being a deepfake," "possibility of being created by generative AI," or "almost certainly a forged video." Specifically, abnormal movements were identified, such as an unnatural boundary between the forehead and hair, momentary misalignment of the eyes, and a discrepancy between the mouth shape and voice.
According to Okta (an U.S. IT company providing identity and access management services), over 6,500 cases have been confirmed globally in recent years where individuals presumed to be North Korean IT technicians used generative AI to falsify their identities and participate in interviews at overseas companies. Some Japanese companies were included, and indications were found that foreign currency was acquired and remitted to North Korea. It is analyzed that this is being used as a source of funding for nuclear and missile development.
Trend Micro (Tokyo), a Japanese security firm, announced that after analyzing servers used by North Korean cybercrime organizations in late 2024, they discovered videos experimenting with deepfake technology and numerous forged resumes. In particular, there were many fake profiles boasting the experience of a "full-stack engineer" capable of handling everything from design to operation. Although CEO Yoshii is not actually a full-stack engineer, that experience was listed on his fake resume.
Masaya Takahashi, a senior specialist at Trend Micro, emphasized, "While spoofing by North Korean IT personnel has spread primarily in the U.S. and Europe, Japan is no longer an exception," adding that "companies must strengthen identity verification procedures, such as account authentication and face-to-face interviews."
Professor Ko Echizen (Information Security) at the National Institute of Informatics stated, "Although deepfakes could previously be identified through gestures such as turning one's face to the side or waving one's hand, technology has advanced so rapidly that it is now difficult to distinguish them with the naked eye." He added, "Verifying authenticity through professional conversation and using multiple authentication methods in parallel is currently the most realistic countermeasure."