"The scam typically involves state-backed fraudsters applying for remote IT work in the west, using fake identities and the help of facilitators in the country where the company targeted is based. Once hired, they send their wages back to Kim Jong-un's state and have even been known to threaten to release sensitive company data after being fired."
"Jasper Sleet leverages AI across the attack lifecycle to get hired, stay hired, and misuse access at scale. The tech company said the scammers had used voice-changing software during remote interviews to mask their accents, allowing them to pass as western candidates. They also use the AI app Face Swap to insert the faces of North Korean IT workers into stolen identity documents."
"Microsoft said the fake workers had used AI platforms to generate culturally appropriate name lists and matching email address formats to construct false identities for job applications. The company said an example prompt might be create a list of 100 Greek names or create a list of email address formats using the name Jane Doe."
North Korea is deploying fake IT workers to Western companies using sophisticated AI-enhanced fraud schemes. State-backed groups, identified as Jasper Sleet and Coral Sleet, apply for remote IT and software development positions using fabricated identities and stolen documents altered with AI technology. Voice-changing software masks accents during interviews, while face-swap applications insert North Korean workers' faces into stolen identity documents and generate professional headshots. AI platforms generate culturally appropriate names and email formats to construct convincing false identities. Once hired, these workers send wages back to North Korea and have threatened to release sensitive company data when terminated. Microsoft disrupted 3,000 compromised Outlook and Hotmail accounts used in these schemes.
Read at www.theguardian.com
Unable to calculate read time
Collection
[
|
...
]