How a U.S. Security Company Discovered It Unknowingly Hired a North Korean Hacker

Newsie Events:

KnowBe4, a cybersecurity firm in Clearwater, recently uncovered a sophisticated scam involving a fraudulent remote software engineer who turned out to be part of a North Korean operation.

The incident began when the supposed new hire’s company laptop started downloading malware designed to steal passwords.

Suspicion deepened when the employee refused to appear on camera to explain the situation.

Further investigation revealed that this “new hire” was, in fact, a hacker from North Korea, working in tandem with a U.S.-based laptop farm.

Roger Grimes, KnowBe4’s “defense evangelist,” later realized that there were early warning signs.

The imposter had agreed to four video interviews but provided references with generic Gmail addresses, and had the company laptop delivered to a different state than the one he claimed to reside in.

The situation grew more convoluted as it became clear that at least three “nefarious actors” were involved.

The real American whose identity was stolen was complicit in the scam, even passing an in-person drug test required for the job.

Once the background check was cleared, someone else picked up the company laptop, presenting an ID with the same name but a different photo.

Grimes believes this person was linked to the laptop farm—a data center enabling foreign hackers to masquerade as U.S. workers while stealing valuable data.

This individual likely reported back to the North Korean scammer, who may have connections to the state.

KnowBe4 quickly locked the scammer out of the system and reported the incident to the FBI.

Neil Khatod, the chief information security officer at the Tampa-based recruiting agency Hays, noted that the scammer’s blatant malware download was a rookie mistake.

He could have easily played the long game, slowly gathering information and building trust before making his move.

The FBI later confirmed that the scam was part of a well-known North Korean data-stealing operation.

Grimes shared his experience at a national conference in Las Vegas, discovering that several other companies had fallen prey to the same scam, with one even encountering the exact same stolen identity.

Some companies only realized something was amiss after months of quiet data theft.

Grimes speculates that someone may have botched the KnowBe4 scam, questioning why they would take the risky step of installing known malware.

This incident underscores the risks companies face in the era of remote work, particularly when handling sensitive client data.

Local cybersecurity experts offered advice to protect against such threats: conduct in-person interviews whenever possible, vet references carefully by contacting unlisted former colleagues, and ensure that different parts of the hiring process are connected to catch any inconsistencies.

Fake hires are just one of the many cyber threats facing companies today.

Jeremy Rasmussen, CTO of Tampa cybersecurity firm Abacode, shared how foreign hackers have also targeted payroll administrators to divert funds into international accounts, with one construction firm losing $250,000 this way.

As cyberattacks surge nationwide, with losses reaching $12.5 billion in 2023, hypervigilance and robust IT defenses remain the best protection.

In a strange twist, one company infiltrated by a North Korean IT worker even received their stolen laptop back—complete with a sticky note bearing the firm’s name, as if it were just one of many devices stolen in the pursuit of data. – Culled From Tampa Bay Times/Tribune News Service
