TZUTC: -0500
MSGID: 1102.consprcy@1:2320/105 2c7cb0e3
PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0
TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
Asking remote job candidates this shocking question could save your company
big bucks, security expert says

Date:
Sun, 04 May 2025 03:03:00 +0000

Description:
Asking remote job candidates this one shocking question could save your
company from being infiltrated by North Korean spies.

FULL STORY
======================================================================
 - North Korean agents use AI to apply for remote tech jobs
 - Simple questions about Kim Jong Un instantly derail their job interviews
 - Laptop farms and deepfakes help agents bypass remote hiring defenses

At the recent RSA Conference in San Francisco, security experts raised the
alarm over a growing and increasingly sophisticated campaign by North Korean
operatives to infiltrate global companies through remote job applications . 

Speaking at a panel, Adam Meyers, senior vice president of CrowdStrike's
counter adversary division, said thousands of North Korean workers have
managed to secure roles in Fortune 500 companies. 

According to Meyers, these infiltrators use tools like generative AI to
produce polished LinkedIn profiles and job applications, as during technical
interviews, multiple collaborators work behind the scenes to complete coding
challenges while a single individual handles video calls, sometimes
unconvincingly.

An unexpected question 

"One of the things that we've noted is that you'll have a person in Poland
applying with a very complicated name," Meyers explained. "And then when you
get them on Zoom calls it's a military age male Asian who can't pronounce 
it." 

Meyers shared his favorite method of exposing such candidates: asking an
off-script question. "How fat is Kim Jong Un? They terminate the call
instantly, because it's not worth it to say something negative about that," 
he said. 

Once inside a company, the infiltrators often excel, thanks to team-based
efforts behind a single identity. 

FBI Special Agent Elizabeth Pelker said this success can make employers
hesitant to remove suspected agents. "I think more often than not, I get the
comment of 'Oh, but Johnny is our best performer. Do we actually need to fire
him?'" 

The goals of these North Korean infiltrators are twofold: collecting wages 
and gradually exfiltrating intellectual property, often in small amounts to
avoid detection. 

Pelker recommended conducting coding interviews within the corporate
environment to observe behavioral red flags. If detected and dismissed, these
workers may still hold credentials or leave behind dormant malware for later
extortion attempts. 

The operation has evolved further. Meyers described how laptop farms in the
U.S. allow remote workers to spoof local IPs. In one case, the FBI busted a
farm in Nashville. Meanwhile, false identity schemes have emerged in Ukraine,
with citizens unknowingly supporting North Korean efforts. 

Pelker warned that deepfake technology is also being used to fool hiring
teams. Education and vigilance, she said, remain the best defense. As one
panelist put it, organizations should be wary of hiring fully remote workers
and consider personal meetings whenever possible. 

Via The Register

======================================================================
Link to news story:
https://www.techradar.com/pro/security/asking-remote-job-candidates-this-shock
ing-question-could-save-your-company-big-bucks-security-expert-says

$$
--- SBBSecho 3.20-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30
SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664
SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35
PATH: 2320/105 229/426