Subj : North Korean hackers are To : All From : Mike Powell Date : Sat Apr 26 2025 10:46:00 North Korean hackers are using advanced AI tools to help them get hired at Western firms Date: Fri, 25 Apr 2025 18:00:00 +0000 Description: Research revealed the DPRK is using AI in its malicious campaign. FULL STORY ====================================================================== - North Korean hackers are using GenAI to hold jobs in western firms - New research from Okta reveals AI written CVs and messages - This is an escalation from an existing fake interview campaign New research from Okta has revealed that hackers from the Democratic Peoples Republic of Korea (DPRK), are using generative AI in its malicious interview campaign - a series of tactics that involve gaining employment in remote technical roles in western firms, usually in industries with sensitive security data like defense, aerospace, or engineering. This isnt the first time North Korean fake job hackers have gone the extra mile with their campaigns, but the new research has found that GenAI is playing an integral role in the employment schemes. The AI models are used to create compelling personas at numerous stages of the job application and interview process and then, once hired, GenAI is again used to assist in maintaining multiple roles, all earning revenue for the state. Malicious interview AI was used by these hackers in a number of ways, including generating CVs and cover letters, conducting mock interviews via chat and webcam, translating, translating, and summarising messages, as well as managing communications for multiple jobs from different accounts and services. To assist, the hackers have a sophisticated network of facilitators that provide in-country support, technical infrastructure, and legitimate business cover - helping the North Koreans with domestic addresses, legitimate documents, and support during the recruitment process. The campaign is growing ever more sophisticated, especially given that hackers are now using both sides of the job seeking process, targeting job seekers with fake interviews , in which they deliver malware and infostealers. These elaborate schemes often start on legitimate platforms like LinkedIn or Upwork - with the attackers reaching out to victims to discuss potential opportunities. Anyone on the job hunt or in the hiring process should be extra vigilant about who they are speaking to, and should be careful not to download any unfamiliar software. ====================================================================== Link to news story: https://www.techradar.com/pro/security/north-korean-hackers-are-using-advanced -ai-tools-to-help-them-get-hired-at-western-firms $$ --- SBBSecho 3.20-Linux * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105) .