North Korean hackers target US AI, crypto job applicants with fake listing platforms

Cybersecurity researchers have discovered that North Korean hackers have begun using new methods to target American job seekers, particularly in the artificial intelligence and cryptocurrency fields. They are creating fake job application platforms to screen out candidates for major companies, posing a serious data security threat.

A New Approach to Cyberattacks

While North Korean hackers have been engaging in similar activities for years, researchers from Validin have identified a new element in their strategy. The hackers are now seeking to gain long-term access to job seekers' computers before they are hired, rather than simply impersonating company employees. This change in approach makes their attacks more sophisticated and difficult to detect.

Operation "Contagious Interview"

In an operation dubbed "Contagious Interview," North Korean hackers target individuals, stealing know-how for the Kim Jong-un regime. They use fake job search platforms to create the appearance of legitimacy in the hiring process. This allows them to bypass traditional security measures that employers may have in place.

Advantages for Hackers

Kenneth Kinyon, CEO of Validin, told CNN that targeting job seekers gives North Korean hackers a significant advantage. Instead of trying to bypass employer protections, they take control of the entire hiring process, making it appear completely legitimate in the eyes of job seekers. This creates an illusion of security, making candidates more vulnerable.

Lureout Tactics

Job seekers who believe the process is legitimate are much more likely to open any files sent to them as part of a supposed interview. Hackers lure candidates with fake job offers, offer to record video responses, and help them configure their webcam using tools. These steps create the appearance of a real interview, significantly increasing the hackers' chances of success.

In Conclusion

Thus, the new methods used by North Korean hackers pose a serious threat to job seekers in high-tech industries. Creating fake job application platforms allows them to bypass traditional security measures and access valuable data. Job seekers should be especially vigilant and cautious to avoid falling victim to such cyberattacks.