More than just a Free VPN

Cybersecurity

North Korean Hacker Poses as Remote Worker, Infiltrates US Firm

North Korean Hacker Poses as Remote Worker, Infiltrates US Firm

A US security firm, KnowBe4, recently discovered it had unknowingly hired a North Korean hacker posing as a remote software engineer. The breach was detected when the hacker’s company-issued Mac began loading malware immediately upon activation.

Quick action by KnowBe4’s IT team, along with support from the FBI and Google’s Mandiant, prevented the hacker from compromising the company’s internal systems.

The hacker, posing as an IT worker, manipulated session files and used a Raspberry Pi to install malware. When confronted, the individual became unresponsive.

The investigation revealed the hacker was part of a scheme where North Koreans use stolen identities to secure remote IT jobs, generating revenue and stealing information for illicit programs.

KnowBe4 emphasizes the need for robust vetting processes and continuous security monitoring. They advise the industry to conduct video interviews and thoroughly check references to prevent such incidents. This case highlights the growing threat of sophisticated cyber-attacks and the importance of vigilant security measures in remote hiring.