🚨 North Korean hackers are targeting Macs: It starts with an email containing a fake crypto news headline, like “Hidden Risk Behind New Surge of Bitcoin Price,” and includes a link to a PDF. The link actually leads to a malicious app that lets the sender take control of your system. If you’ve clicked on a random PDF link recently, scan for malware ASAP.
When a spy takes over IT at your company
John is my “IT Genius.” I trust John, and that’s how it should be when you hire someone who works in IT. They have access to everything.
It’s also the reason North Korean IT workers are infiltrating American companies. Read on to learn how this works. If you know someone who hires IT folks, be sure to share this important information with them by tapping the social media and email icons at the end.
What you see may not be what you get
The U.S. Treasury Department and the FBI have a warning for anyone hiring for IT positions. Dozens of Fortune 100 companies have unknowingly brought on North Korean IT workers pretending to be Americans.
Backed by the North Korean government, they apply for jobs using stolen identities, leaving a trail of seemingly legitimate info that passes through HR without a hitch. Their applications may even include AI-enhanced photos.
Once they’re hired, usually working remotely, they hide their actual locations by using VPNs or falsified IP addresses to make it appear they’re based in the U.S. In many cases, their earnings go right back home to fund North Korea’s weapons programs.
‘The Supreme Leader is my real boss’
In May, federal prosecutors charged an Arizona woman who helped North Korean operatives impersonate U.S. citizens. All told, the scheme led to inside IT jobs at more than 300 American companies, including many in the aerospace and tech industries.
If you think your company’s HR team is too sharp to be deceived by a fake applicant, think again. This summer, a big security software company, KnowBe4, was duped into hiring a North Korean tech worker. Their HR department believed they’d onboarded a qualified U.S. IT specialist.
Nope — it was someone using the stolen identity of a U.S. citizen. The man passed multiple rounds of video interviews, and standard background checks verified his (stolen) identity as legitimate.
The company only realized something was up when the guy installed malware on a company-issued Mac. It was likely an info stealer, a program designed to extract data stored on web browsers or gather information left on the device.
Do your homework
Scary new malware can survive even if you erase and reinstall Windows
Cyberattacks these days are nothing to scoff at. In 2020 alone, we saw a huge spike in cybercrime — and with more businesses moving operations online, threats like ransomware and phishing will only get worse.
Thankfully, PC users have powerful tools to protect ourselves. Some of the best anti-malware programs you can get are totally free to use. Tap or click here to see our favorite free security software.
Shocking way Jeff Bezos' phone was hacked - and how to protect yours
How would you feel if someone invaded your privacy and exposed your activities to the public? That’s one of the biggest threats caused by hackers, who are only getting more bold with the malware and ransomware they deploy.
Not now, Putin, I’m busy: North Korean soldiers deployed in Russia are taking full advantage of unrestricted internet access by … binge-watching p*rn. The internet isn’t available to most citizens in North Korea, so this is the first time the soldiers can see all the web has to offer.
👨💻 North Korea strikes again: I’ve told you about this before. Now, we’re hearing reports EV maker Fisker hired a remote employee who funneled money back to North Korea’s missile program. The spy used an Arizona address tied to a woman hired to run a laptop farm for IT workers who needed a U.S. address. In total, she moved $6.8 million to North Korea. Isn’t it nuts that a 6-foot overweight man with a goofy haircut scares the heck out of everyone?
Seoul you wanna start a revolution: I thought this was super interesting. Korean activists are using 3D-printed smart balloons to send messages deep into North Korea. Each balloon costs up to $1,000 and can carry up to 16.5 pounds of cargo, like leaflets or mini speakers. The mission: Undermine dictator Kim Jong Un.
We’re skewed: The U.S. House of Representatives just put its foot down, banning data brokers from selling your info to China, North Korea, Russia and Iran. Rulebreakers will face heavy penalties from the Federal Trade Commission. Spoiler: It’s too late.