North Korean remote workers landing jobs in the West

SUMMARY :

North Korean threat actors are utilizing Contagious Interview and WageMole campaigns to secure remote employment in Western countries, evading financial sanctions. The Contagious Interview campaign has been updated with improved script obfuscation and multi-platform support, targeting over 100 devices across various operating systems. The campaign steals sensitive data, including source code and cryptocurrency information. WageMole leverages stolen data to create fake identities, using generative AI to acquire and perform jobs. The actors aggressively target developers through social media and job platforms, focusing on web, cryptocurrency, and AI roles. They use sophisticated techniques to bypass background checks and secure legitimate remote positions, particularly in small to mid-sized businesses.

OPENCTI LABELS :

social engineering,cryptocurrency,data theft,beavertail,contagious interview,invisibleferret,wagemole,sanctions evasion,remote work,job fraud


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


North Korean remote workers landing jobs in the West