CyberSecurityBoard
Sponsor Register Login

North Korean IT Workers Using Real-time Deepfake to Infiltrate Organizations via Remote Job

What makes this threat particularly concerning is the accessibility of the technology – researchers demonstrated that a single individual with no prior image manipulation experience could create a synthetic identity suitable for job interviews in just 70 minutes using widely available hardware and software. To combat this emerging threat, organizations should implement multi-layered verification procedures throughout the hiring process, including requiring candidates to perform specific movements that challenge deepfake software capabilities, such as profile turns, hand gestures near the face, or the “ear-to-shoulder” technique. The technical implementation of these deepfakes typically involves utilizing generative adversarial networks (GANs) to create realistic face images, combined with facial landmark tracking software that maps expressions from the operator to the synthetic face in real-time. This advanced technique allows threat actors to present convincing synthetic identities during video interviews, enabling them to bypass traditional identity verification processes and infiltrate companies for financial gain and potential espionage. This latest methodology employs real-time facial manipulation during video interviews, allowing a single operator to potentially interview for the same position multiple times using different synthetic personas. In a concerning evolution of cyber infiltration tactics, North Korean IT workers have begun deploying sophisticated real-time deepfake technology during remote job interviews to secure positions within organizations worldwide. Palo Alto Networks researchers at Unit 42 have identified this trend following analysis of indicators shared in The Pragmatic Engineer newsletter, which documented a case study involving a Polish AI company encountering two separate deepfake candidates. The Democratic People’s Republic of Korea (DPRK) has consistently demonstrated interest in identity manipulation techniques, previously creating synthetic identities supported by compromised personal information. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 21 Apr 2025 16:50:21 +0000


Cyber News related to North Korean IT Workers Using Real-time Deepfake to Infiltrate Organizations via Remote Job

North Korean IT worker scam is now a threat to all companies, cybersecurity experts say | The Record from Recorded Future News - Since disruptions began last year and law enforcement has publicly warned companies of the practice, DTEX’s Barnhart and others said they have seen some workers try to extort companies or hand off their access to more sophisticated North Korean ...
1 month ago Therecord.media
North Korean IT worker army expands operations in Europe - GTIG's report follows multiple warnings issued by the FBI regarding North Korea's massive army of IT workers sent abroad to generate revenue, who have tricked hundreds of companies in the United States and worldwide into hiring them over the years. ...
2 months ago Bleepingcomputer.com
Adobe Real-Time CDP: Personalized Customer Experience - Adobe Experience Cloud Products like Adobe Real-Time CDP are available to assist. A revolutionary solution called Adobe Real-Time Customer Data Platform was created to assist companies in realizing the whole value of their customer data. Adobe ...
1 year ago Hackread.com
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks - Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet, that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for ...
1 year ago Microsoft.com
Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms - The US government has announced charges, seizures, arrests and rewards as part of an effort to disrupt a scheme in which North Korean IT workers infiltrated hundreds of companies and earned millions of dollars for North Korea. According to the ...
1 year ago Securityweek.com
Cybersecurity for Remote Workers: Best Practices - In the current era of remote work, organizations worldwide face a critical concern: ensuring the cybersecurity of their remote workers. To address this issue, businesses must establish a robust cybersecurity framework that incorporates best practices ...
1 year ago Securityzap.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com Andariel Kimsuky Lazarus Group
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
2 years ago Therecord.media
Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers - Well-publicized estimates of a massive shortfall in cybersecurity workers have resulted in high expectations among job seekers in the field, but the reality often falls flat, because of a mismatch between companies' requirements and job seekers' ...
1 year ago Darkreading.com Equation
North Korean IT Workers Using Real-time Deepfake to Infiltrate Organizations via Remote Job - What makes this threat particularly concerning is the accessibility of the technology – researchers demonstrated that a single individual with no prior image manipulation experience could create a synthetic identity suitable for job interviews in ...
2 months ago Cybersecuritynews.com
Reserachers Uncovered North Korean Nationals Remote IT Worker Fraud Scheme - In a significant cybersecurity investigation, researchers have revealed an elaborate fraud scheme orchestrated by North Korean nationals who used stolen identities to secure remote IT positions at US-based companies and nonprofits. The operation ...
1 month ago Cybersecuritynews.com
North Korean IT workers seen using AI tools to scam firms into hiring them | The Record from Recorded Future News - In an effort to improve its own onboarding process and help customers dealing with the scheme, cybersecurity firm Okta conducted research into online services used by individuals identified by U.S. authorities and third parties as agents for the ...
1 month ago Therecord.media
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
2 years ago Thehackernews.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
North Korea's Kimsuky Attacks Rivals' Trusted Platforms - North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along ...
4 months ago Darkreading.com Andariel Kimsuky
US govt sanctions North Korea's Kimsuky hacking group - The Treasury Department's Office of Foreign Assets Control has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. OFAC has also sanctioned eight North Korean agents for ...
1 year ago Bleepingcomputer.com Andariel Kimsuky
macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks - North Korean advanced persistent threat groups are mixing and matching components of two recently unleashed types of Mac-targeted malware to evade detection and fly under the radar as they continue their efforts to conduct operations at the behest of ...
1 year ago Darkreading.com
Indian Government Warns Social Media Platforms Over Deepfake Misinformation - In a strong statement directed at social media platforms, the government of India has emphasized the critical need for swift identification and removal of misinformation, including deepfakes, or risk facing legal consequences. This warning follows a ...
1 year ago Cysecurity.news
North Korean IT Workers Infiltrate International Companies To Plant Backdoors on Systems - The infiltration of North Korean IT workers into international companies poses a dual threat of sanctions violations and severe cybersecurity risks. The rise of remote work has provided new opportunities for North Korean IT workers to gain employment ...
4 months ago Cybersecuritynews.com
State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
2 years ago Csoonline.com Andariel APT3 APT37 APT38 Kimsuky Lazarus Group BianLian
Deepfake-Generating Apps Explode, Allowing Multimillion-Dollar Corporate Heists - Deepfake creation software is proliferating on the Dark Web, enabling scammers to carry out artificial intelligence-assisted financial fraud with previously unheard of creativity and scope. Consider what happened a few weeks back, when a Hong ...
1 year ago Darkreading.com
Unmasking Moonstone Sleet: A Deep Dive into North Korea's Latest Cyber Threat - Moonstone Sleet: A New North Korean Threat Actor Microsoft discovered a new North Korean threat actor, Moonstone Sleet, who targets companies with a combination of tried-and-true techniques used by other North Korean threat actors as well as unique ...
1 year ago Cysecurity.news
FBI Charges North Korean Hackers Over $100 Million Stolen in Crypto Hack - The FBI has recently charged a North Korean hacker in connection with the Harmony crypto hack from which the hacker allegedly stole over $100 million. The hacker, Jon Chang Hyok, is a member of the North Korean military intelligence agency, the ...
2 years ago Bleepingcomputer.com
15 PostgreSQL Monitoring Tools - 2025 - What is Good?What Could Be Better?Monitoring application performance, user experience, and errors.Some users find the pricing high, especially for larger environments.Continuous server, database, and infrastructure monitoring.The extensive feature ...
1 month ago Cybersecuritynews.com
North Korean hackers linked to defense sector supply-chain attack - In an advisory today Germany's federal intelligence agency and South Korea's National Intelligence Service warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government. The attacks aim to ...
1 year ago Bleepingcomputer.com Lazarus Group

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)