North Korean Hackers Turn to AI for Remote Job Scams
North Korean hackers are increasingly leveraging AI tools to infiltrate remote IT jobs fraudulently. According to a report from Okta, a company that provides sign-in services for numerous businesses, these hackers are using various online services to bypass US sanctions and secure employment.
Okta's recent findings highlight the role of facilitators—middlemen who assist North Koreans in obtaining these jobs. For example, two US citizens were arrested for helping North Koreans secure remote IT positions. In another case, a man in Nashville was caught running a “laptop farm” to assist North Korean workers in masquerading as US-based IT professionals.
The facilitators are utilizing various generative AI services to enhance the efficiency of these fraudulent activities. Some of these services offer unified messaging, enabling users to manage multiple accounts across different platforms seamlessly. Others provide AI Superpowers to applicants, helping them outsmart employer robots and successfully navigate automated CV scans used by recruiting platforms.
Additionally, these facilitators are utilizing AI programs that conduct mock interviews and provide tips for improvement. Okta suspects that North Koreans are also employing these services to test their AI-powered deepfakes, which allow them to disguise their identities during video calls. HR firms have increasingly reported scammers using deepfakes to swap identities, even in real-time video calls.
Okta concluded that the scale of these operations suggests that even short-term employment can become a viable economic opportunity for the Democratic People's Republic of Korea (DPRK) when combined with automation and generative AI.
Federal investigators have indicated that North Koreans are securing these remote IT jobs to generate funds for their government. In some instances, they steal confidential data and demand ransoms. In response to these threats, the FBI and cybersecurity firms are urging companies to carefully vet candidates for remote positions.
While Okta did not disclose specific investigation methods, it mentioned that they observed these activities through Okta login pages.
Comments
Join Our Community
Sign up to share your thoughts, engage with others, and become part of our growing community.
No comments yet
Be the first to share your thoughts and start the conversation!