----------------------------------------------------------------------------------
@MSGID: 31730.politicf@1:2320/105 2c7d2887
@TZUTC: -0500
@PID: Synchronet 3.20a-Linux master/acc19483f Apr 26
202 GCC 12.2.0
@TID: SBBSecho 3.20-Linux master/acc19483f Apr 26
2024 23:04 GCC 12.2.0
@BBSID: CAPCITY2
@CHRS: ASCII 1
Asking remote job candidates this shocking question could save your company
big bucks, security expert says
Date:
Sun, 04 May 2025 03:03:00 +0000
Description:
Asking remote job candidates this one shocking question could save your
company from being infiltrated by North Korean spies.
FULL STORY
======================================================================
- North Korean agents use AI to apply for remote tech jobs
- Simple questions about Kim Jong Un instantly derail their job interviews
- Laptop farms and deepfakes help agents bypass remote hiring defenses
At the recent RSA Conference in San Francisco, security experts raised the
alarm over a growing and increasingly sophisticated campaign by North Korean
operatives to infiltrate global companies through remote job applications .
Speaking at a panel, Adam Meyers, senior vice president of CrowdStrike`s
counter adversary division, said thousands of North Korean workers have
managed to secure roles in Fortune 500 companies.
According to Meyers, these infiltrators use tools like generative AI to
produce polished LinkedIn profiles and job applications, as during technical
interviews, multiple collaborators work behind the scenes to complete coding
challenges while a single individual handles video calls, sometimes
unconvincingly.
An unexpected question
"One of the things that we`ve noted is that you`ll have a person in Poland
applying with a very complicated name," Meyers explained. "And then when you
get them on Zoom calls it`s a military age male Asian who can`t pronounce
it."
Meyers shared his favorite method of exposing such candidates: asking an
off-script question. "How fat is Kim Jong Un? They terminate the call
instantly, because it`s not worth it to say something negative about that,"
he said.
Once inside a company, the infiltrators often excel, thanks to team-based
efforts behind a single identity.
FBI Special Agent Elizabeth Pelker said this success can make employers
hesitant to remove suspected agents. "I think more often than not, I get the
comment of `Oh, but Johnny is our best performer. Do we actually need to fire
him?`"
The goals of these North Korean infiltrators are twofold: collecting wages
and gradually exfiltrating intellectual property, often in small amounts to
avoid detection.
Pelker recommended conducting coding interviews within the corporate
environment to observe behavioral red flags. If detected and dismissed, these
workers may still hold credentials or leave behind dormant malware for later
extortion attempts.
The operation has evolved further. Meyers described how laptop farms in the
U.S. allow remote workers to spoof local IPs. In one case, the FBI busted a
farm in Nashville. Meanwhile, false identity schemes have emerged in Ukraine,
with citizens unknowingly supporting North Korean efforts.
Pelker warned that deepfake technology is also being used to fool hiring
teams. Education and vigilance, she said, remain the best defense. As one
panelist put it, organizations should be wary of hiring fully remote workers
and consider personal meetings whenever possible.
Via The Register
======================================================================
Link to news story:
https://www.techradar.com/pro/security/asking-remote-job-candidates-this-shock
ing-question-could-save-your-company-big-bucks-security-expert-says
$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 1/120 18/0 50/109 103/705 116/116 123/0
25 180 525 755 3001 3002
SEEN-BY: 124/5016 135/115 153/757 7715 154/10 30
203/0 221/0 222/2 240/1120
SEEN-BY: 240/1634 5832 8002 8005 8050 250/1 263/1
275/1000 280/464 5003 5006
SEEN-BY: 292/854 8125 301/1 310/31 313/41 335/364
341/66 234 371/0 396/45
SEEN-BY: 423/120 460/58 467/888 492/0 530/204
633/280 712/848 1321 770/1
SEEN-BY: 2320/0 105 107 3634/0 12 24 27 56 57
58 60 5000/111 5020/400 715 846
SEEN-BY: 5020/848 1042 4441 12000 5030/49 1081
5058/104 5061/133 5075/128
SEEN-BY: 5083/444
@PATH: 2320/105 3634/12 240/1120 280/464 467/888
5020/1042 4441