HISPI Project Cerebellum HISPI PROJECT CEREBELLUM

Ongoing Purported AI-Assisted Identity Fraud Enables Unauthorized Access to Western Companies by North Korean IT Workers

January 1, 2021

North Korean operatives are accused of using AI technology to fabricate identities, securing remote jobs or posing as employers for infiltration purposes. The alleged activities reportedly aid sanctions evasion through tactics such as wage theft, credential exfiltration, and malware deployment. Deceptive methods include the use of fake resumes, VPNs, and face-altering tools; some workers embed and deploy malware like OtterCookie, while others lure targets via falsified job interviews. AI systems are said to generate synthetic resumes, manipulate profile photos, and assist in real-time responses during video interviews.

These incidents underscore the importance of trustworthy AI and responsible AI governance, as well as safe and secure AI practices. For those interested in shaping the future of AI incident management and promoting harm prevention, we invite you to join the HISPI Project Cerebellum TAIM initiative (Govern function). Help establish guardrails for AI, contributing to an AI incident database that fosters a safer digital landscape.

JOIN US

Matched TAIM controls

Suggested mapping from embedding similarity (not a formal assessment). Browse all TAIM controls

Alleged deployer
yang-di, waterplum, wagemole, void-dokkaebi, unc5267, son-un-chol, sok-kwang-hyok, sim-hyon-sop, rim-un-chol, ri-kyong-sik, reconnaissance-general-bureau, purplebravo, north-korean-threat-actors, minh-phuong-ngoc-vong, matthew-isaac-knoot, lazarus-group, ko-chung-sok, kim-ye-won, kim-sang-man, kim-ryu-song, kim-mu-rim, jong-song-hwa, jong-kyong-chol, jang-chol-myong, hyon-chol-song, gwisin-gang, government-of-north-korea, famous-chollima, department-53, contagious-interview, christina-chapman, choe-jong-yong, cho-chung-pom
Alleged developer
unknown-large-language-model-developers, unknown-deepfake-technology-developers, openai
Alleged harmed parties
western-companies, web3, ssa, social-security-administration, recruitment-teams, oleksandr-didenko, macos-users, jiho-han, irs, interviewees, internal-revenue-service, human-resources-staff, hiring-managers, haoran-xu, employers, developers, cryptocurrency-platforms, companies-in-the-united-states, chunji-jin, blockchain-projects, andrew-m., epistemic-integrity, truth, national-security-and-intelligence-stakeholders

Source

Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/1118

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

Pre-print on arXiv · Database snapshots & citation guide

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.