The one interview question that can protect against North Korean fake workers
Adam Meyers, senior vice president of cybersecurity company CrowdStrike, shared a question to ask during an interview to check if a candidate is from North Korea.
Adam Meyers, senior vice president of cybersecurity company CrowdStrike, shared a question to ask during an interview to check if a candidate is from North Korea.
Adam Meyers shared his method for detecting North Korean fake candidates during a speech at the RSA conference in San Francisco, The Register writes .
According to a top manager at CrowdStrike, he has dealt with such "candidates" many times during interviews. And one question always drove them into a stupor.
"My favorite interview question, because we've interviewed a lot of these people, is something like, 'How fat is Kim Jong-un?' They immediately stop the conversation because it's not a good idea to say anything negative about it," said Adam Meyers.
He explained that North Koreans are using AI to create a large number of LinkedIn profiles and applications for remote work vacancies at Western companies.
During the interview, several people work: a team working on technical tasks and a "frontman" who is the one conducting the interview, although quite often he does it ineptly.
Meyers gave an example of such an interview: “One of the things we noticed is that in Poland, a person applies with a very difficult name. Then, when you connect with them via Zoom, it turns out that they are an Asian male of draft age who cannot pronounce it.”
But it often works, Meyers says. Many people get jobs, and millions of dollars are sent back to North Korea in the form of wages they receive.
These "employees" then try to steal intellectual property from their employer or run malicious software to extort money from the victim.
Once in their dream position, such employees tend to become very successful in the company, as several people work on the same task, of course, all of them together have an excellent result. For them, a promotion means more access to the company's systems.
As dev.ua previously reported, North Korea's so-called IT army has expanded its operations beyond the United States and is now increasingly attacking companies across Europe. They hide their real names and pose as employees from other countries, including Ukraine.
In addition, they began renting profiles of foreigners on LinkedIn, Fiverr, and Upwork and applying for jobs at IT companies on their behalf.
Thanks to such fake IT professionals, North Korea's national budget is being filled. For example, more than 10 such specialists were able to earn at least $88 million in 6 years in US companies .
Unfortunately, there is a known case where a Ukrainian was involved in this scheme. In 2024, a Ukrainian and an American were arrested in the United States for helping North Korean IT professionals work remotely in American companies. This scheme brought the DPRK almost $7 million.
North Korean hackers targeted freelance developers, including Ukrainian ones, under the guise of recruiters
North Korean hackers targeted freelance developers, including Ukrainian ones, under the guise of recruiters
In 2024, hackers from North Korea stole $1.3 billion in cryptocurrency: to infiltrate companies, they pose as IT specialists
In 2024, hackers from North Korea stole $1.3 billion in cryptocurrency: to infiltrate companies, they pose as IT specialists
Read the country's main IT news in our Telegram
Read the country's main IT news in our Telegram
