KnowBe4 - How a North Korean Fake IT Worker Tried to Infiltrate Us
Incident Report Summary: Insider Threat
TLDR: KnowBe4 was in need of a software engineer for our internal IT AI team. Posted the job, got resumes, did the interviews, did the background check, checked the references and hired the person. We sent the Mac and the moment it was received it immediately started to load malware. The EDR software saw it and started to throw alerts to our InfoSec SOC team. SOC called the new hire and asked if they could help. That's when it got dodgy fast. We immediately locked the box and started investigating. Worked with Mandiant and the FBI. Turns out this was a fake IT worker from North Korea. The picture you see is an AI deepfake that started out with stock photography (below).
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us