Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
KnowBe4 recruited fake North Korean AI tech professional

KnowBe4 recruited fake North Korean AI tech professional

Cryptopolitan2024/07/24 12:28
By:By Aamir Sheikh

Share link:In this post: Security training provider KnowBe4 hired a fake software engineer for its AI team. The new hire tried to manipulate the company’s system, which was detected by the firm’s security software. North Korea promotes its citizens as tech workers to earn money and find malware targets.Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent res

KnowBe4 hired a fake IT worker as a software engineer on its artificial intelligence (AI) team. The security training firm KnowBe4 realized its oversight after the new hire began using his company-issued computer with wrongful intentions.

Also read: Credential theft is on the rise and the target is core cybersecurity administrators

The security training provider admitted to the hire in a post on Tuesday. The company’s CEO, Stu Sjouwerman, said that the company’s human resource team interviewed the candidate four times on video conference calls. 

The CEO said the company also confirmed that the same person appears in video interviews as in the picture attached to the job application.

KnowBe4’s new hire was using a fake US ID

Sjouwerman said his company conducted proper background checks before hiring the worker. When every detail was confirmed, the person was hired, and a Mac system was sent to him so that he could start working for the firm.

Sjouwerman said the problem started when the new employee received his workstation. He said, “We sent them their Mac workstation, and the moment it was received, it immediately started to load malware.”

Later, the company found that the culprit was using a stolen US ID and a stock photo, which he tweaked with AI to fake his identity. However, before the faker could steal any valuable information, KnowBe4’s malware detection software identified the malware that he uploaded.

Also read: North Korean hackers infiltrate crypto projects as employees

According to the CEO, a probe was initiated after the software detected the malware and informed their InfoSec Security Operations Center (SOC). 

When the company’s security operations team asked the new hire about the malware and if they could be of any help, things “got dodgy fast,” wrote the CEO. The fake employee replied that he was having some problems with his router and was troubleshooting some speed issues. He insisted that he was following his router guide, which may have caused the issue.

When the company tried to call the fake worker, they got no response from his side. KnowBe4 noted that the user took multiple steps to alter session history files, execute unauthorized software, and upload potentially harmful files to the company network.

North Korea promotes its citizens as tech workers to earn money

North Korea is known for promoting its citizens as tech workers to earn money from foreign companies, according to a report by The Register. Once employed, they find malware targets, which is a well-documented fact according to the publication.

After the company evaluated the attacker’s activities, it shared the information with the FBI for further investigation. The company’s own security team evaluated that the activities were carried out intentionally.

KnowBe4 said the attacker wasn’t successful in gaining any illegal access and wasn’t able to steal any data from the company’s systems. Sjouwerman suggested other firms can avoid such mishaps by utilizing monitoring devices for remote access. KnowBe4’s head also said that sophisticated VPN use and conflicting personal information should be considered warning signs. 

Sjouwerman said the real “scam is that they are actually doing the work, getting paid well, and giving a large amount to North Korea to fund their illegal programs.”

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

Ethereum futures open interest hits new all-time high of over $20 billion, signalling bullish momentum: CryptoQuant

Ethereum futures open interest across all exchanges has hit a new all-time high, according to CryptoQuant data.Positive funding rates and record leverage ratios highlight increased risk-taking, with traders betting on rising Ethereum prices.

The Block2024/11/22 10:33

US dollar index DXY breaks through 108

Cointime2024/11/22 10:00