TLDR:
- Security training provider KnowBe4 hired a fake North Korean IT worker for a software engineering role on its AI team.
- The fake employee started loading malware on the company-provided computer but was detected in 25 minutes.
In a surprising turn of events, security awareness and training provider KnowBe4 hired a fake North Korean IT worker for a software engineering role, who immediately started using his company-provided computer for malicious purposes. The fake employee used a stolen US-based ID and a stock photo modified with AI to fake their identity. KnowBe4’s security software detected the malware in just 25 minutes, leading to the discovery of the imposter.
The FBI has been alerted about the incident, as it seems to be part of a larger scam where fake tech workers earn money to fund illegal programs in North Korea. KnowBe4’s transparency in sharing this incident was praised by infosec luminary Brian Krebs, highlighting the importance of monitoring devices with remote access features and vetting candidates thoroughly to confirm their location and authenticity.
While North Korea’s attempts to infiltrate organizations through fake tech workers is not a common occurrence, it serves as a reminder that even security-focused companies like KnowBe4 can fall victim to social engineering attacks. This incident underscores the need for robust security measures and vigilance in identifying potential threats in the digital landscape.