In an effort to improve its own onboarding process and help customers dealing with the scheme, cybersecurity firm Okta conducted research into online services used by individuals identified by U.S. authorities and third parties as agents for the Democratic People’s Republic of Korea (DPRK). Okta researchers observed the use of multiple AI-enhanced services used to manage the email and phone communications of multiple personas; translate and transcribe communications; generate resumes and cover letters; conduct mock job interviews; test and improve job applications; and more. North Korean IT workers illicitly gaining employment at U.S. and European tech companies are increasingly using generative artificial intelligence in a variety of ways to assist them throughout the job application and interview process. “Facilitators extensively employ AI-enhanced tools to help minimally skilled, non-native English-speaking workers maintain software engineering positions, allowing them to channel earnings towards the sanctioned DPRK regime,” Okta said. Okta used indicators previously associated with known DPRK facilitators and agents to track their use of generative AI applications and worked with highly targeted customers and partners to examine the campaigns. The Justice Department said North Korea has potentially made hundreds of millions of dollars through the scheme, where workers living in Southeast Asia or China obtain remote IT jobs at U.S. or European companies. With the help of U.S.-based facilitators, some workers hold multiple jobs at one time, earning high-paying salaries that are then sent back to the North Korean government. Generative AI tools were also deployed to help automate the process of filling out job applications — allowing one person to handle the applications of multiple people and multiple personas. In an interview with Recorded Future News, Coinbase chief information security officer Jeff Lunglhofer said almost every Fortune 500 company is now dealing with the issue, and has changed the way his firm conducts hiring. Once employed, GenAI tools are also used to assist in maintaining multiple simultaneous roles to earn revenue for the state,” Okta said in a report shared with customers. Western facilitators of the scheme were also seen using services designed to improve the chances of resumes making it past automated CV scanners used by many large companies. Facilitators were seen using automated AI webcam interview reviews that critique first round interviews and provide advice on lighting, filters and conversational skills. Okta said it has now built features into its products, like ID verification services, they believe customers can use to reduce the threat of hiring illicit workers. Other security firms recently spotlighted instances of North Koreans using real-time “deepfake” video during interviews.
This Cyber News was published on therecord.media. Publication date: Thu, 24 Apr 2025 19:10:19 +0000