North Korean hacker got hired by US security vendor, immediately loaded malware
North Korean hacker got hired by US security vendor, immediately loaded malware
KnowBe4, which provides security awareness training, was fooled by stolen ID.
Even though the photo provided to HR was fake, the person who was interviewed for the job apparently looked enough like it to pass.
why not send an actual picture of his face?
My guess would be that they needed to get a mid-point between existing photos of the guy whose identity they stole and the guy that would show up in the video interviews.
This is the company that made "The Inside Man", a series where a company gets infiltrated by not being careful enough of who they hire
Oh yeah, I remember having to watch those for onboarding. They weren't as cheesy as they could have been for an informational video.
I do appreciate how they're handling it, though. A public post-mortem is much more reassuring than damage control PR. Plus, being honest means they gain the IT folks who actually have to use their stuff as allies.
Yeah, the series is pretty entertaining actually. And for the PR thing, they pitched it as a learning incident, and I agree with that, but they are lucky nothing truly bad happened because this company sends phishing tests, and a link could be replaced by the attackers - kind of like in a fake fake phishing email.
Way to break that hard earned trust guys
They lost any trust when we learned they are a bunch of bat-shit scientologists.
North Korea?
The scam is that they are actually doing the work, getting paid well, and give a large amount to North Korea to fund their illegal programs.
So even if you do the work and do it well, you’re not allowed to spend your money how you see fit
I just wonder how many haven't been caught...
Based
How does that even happen lmao
I don't get what the AI picture was for