North Korean Hacker Infiltrates US Company

The admin of my gaming clan's Korean wing invites new recruits to lunch to make sure they're real... for a game.

BlackMattk

The fact that their SOC tried talking to him for 30 minutes before containing is WILD.

We see actual malware, your shit's getting locked immediately and not getting unlocked until we're done and say you're good

bIeaq

We have a high tech security arrangement to avoid this kind of infiltration, it is called: "Come into the office to sign your contract and pick up your equipment!"

joostklitsie

I'm a cyber guy. This is a wild story.

Also, EDR stands for Endpoint Detection & Response

Basically a suped-up anti-virus

bIeaq

We had a guy at a company I worked for who was working multiple full time development jobs. He was using a team in China to do the work and he would have them remote into his machine at home and from there into our network. He finally got caught when his computer needed repair and for a couple of days connections were coming directly into the company from China to do his work. If his machine had not failed I'm not sure when he would have gotten caught.

fairbanj

Hired a principal with out ever meeting them.

keyboard_g

It could be 7 North Koreans pretending to be one. And as a famous soviet negotiator once said to his US counterpart: "I really admire your propaganda". "What propaganda? We don't use propaganda!"... "see what I mean"

gwaptiva

Kind of sad how there is like 10 good things that can be done with AI and 1000 bad things that can be done with it.

rumplstiltztinkerstein

There are hundreds of tech workers unemployed and living under the bridges in California, some because they refused to return to office, yet North Koreans are able to get hired remotely. That's whacked.

johnbell

Soon we will outsource our Infra to North Korea consultants

kdihalas

you let the possibility out, that there could be a team behind this identity. usually you don't have just one actor behind the curtain, in a fraud on this level.

garymuller

Your company letting you order a laptop straight from the vendor without them priming it for their internal systems is a pretty big red flag. Netflix not secure, confirmed

mattymattffs

Wait, so the pic on the left (the white guy) was the original, and the pic on the right (the Korean guy) was the result of the edit. But it was actually the real face of the real Korean person that matched video calls?
To be honest... isn't that basically just a beauty-filter? The real issue is that he lied about his location, but the picture... was he basically just substituting a good camera?

TheNoirKamui

2:55 he wasn't talented enough to get hired, he was just willing to work for 10% of the legitimate salary. You get what you pay for.

LeetHaxington

he could've worked for a while to gain their trust and then use it for nefarious reasons

ridottech

In the companies I worked for, I didn't get immediate access to production systems, but as soon as I needed to do something on them I did. If this guy just waited maybe 2 months, he could've gotten some actual data.

tigerseye

My company uses this service and MAN were the recent trainings LONG ☠️

TheDeeStain

Also, allowing someone to REMOTE IN to a work computer from outside the network is fucking insane

bIeaq

10:42 apparently prime never met any military contractor...

CEOofGameDev

This feel like an ad for this company. This story doesn't add up

lrhache