Researchers at Nisos warn that North Korean threat actors are impersonating skilled job seekers in order to obtain remote employment at US companies.
“The identified personas claim to have highly sought-after technical skills and experience and often represent themselves as U.S.-based teleworkers, but Nisos investigators found indications that they are based abroad,” the researchers write.
“Boasting expert-level skills in mobile and web-based applications as well as a number of programming languages, the personas also list significant remote work experience which can be difficult to verify. The personas further obfuscate their identities by impersonating U.S.-based individuals’ identities and/or copying resume content from publicly visible profiles of unassociated individuals, further increasing the difficulty of identifying the personas.”
The researchers note that the threat actors have crafted phony personas on job-seeking platforms.
“Nisos investigators found that although the personas are often active on professional networking sites, IT industry-specific freelance contracting platforms, software development platforms, and common messaging applications, they are usually not active on social media platforms,” the researchers write.
“Nisos assesses that the accounts were created solely for the purpose of acquiring employment. Investigators found instances of several accounts, associated with a persona, using the same picture but different names; other accounts lacked profile photos. Investigators also found that many of the accounts are only active for a short period of time before they are disabled. Nisos assesses the accounts remained active only for a short period of time because they were created in support of an application for a specific position or were flagged for fraudulent behavior and removed by the platform provider.”
Nisos explains that hiring these individuals is a violation of US and UN sanctions, since they “provide a critical stream of revenue that helps fund the DPRK regime’s highest economic and security priorities, such as its weapons development program, and may also leak intellectual property (IP) and other sensitive information to the DPRK.”
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Nisos has the story.
Here's how it works:
