- North Korea computer pirates are using Genai to have work in Western companies
- A new OKTA investigation reveals CV and messages written by AI
- This is an escalation of an existing false interview campaign.
A new OKTA research has revealed that the computer pirates of the Democratic Popular Republic of Korea (DPRK) are using generative AI in their malicious interview campaign, a series of tactics that involve obtaining employment in remote technical roles in Western companies, usually in industries with sensitive safety data such as defense, aerospace or engineering.
This is not the first time that the false computer pirates of North Korea have made an additional effort with their campaigns, but new research has found that Genai is playing an integral role in employment schemes.
The AI models are used to “create convincing characters in numerous stages of the employment and interview process” and then, once hired, Genai is used again to help maintain multiple roles, all obtaining income for the state.
Malicious interview
AI was used by these computer pirates in several ways, including the generation of CVS and presentation letters, conducting simulated interviews through chat and webcam, translating, translating and summarizing messages, as well as administering communications for multiple works of different accounts and services.
To help, computer pirates have a sophisticated network of “facilitators” that provide support in the country, technical infrastructure and “legitimate commercial coverage”, helping North Koreans with national addresses, legitimate documents and support during the recruitment process.
The campaign is growing more and more sophisticated, especially since the computer pirates are now using both sides of the job search process, pointing to employment applicants with false interviews, in which they deliver malware and infestos of infants.
These elaborated schemes often begin on legitimate platforms such as LinkedIn or Upwork, with the attackers who communicate with the victims to discuss potential opportunities. Any person in the job search or in the hiring process must be very attentive to whom they are talking to, and must be careful not to download any unknown software.
