North Korean hackers pose as fake IT workers to infiltrate Western firms and demand ransom

North Korean hackers from the group NICKEL TAPESTRY are using fraudulent IT workers to infiltrate Western companies, stealing data and extorting ransom. They operate from 'laptop farms,' employ deceptive tactics like changing delivery addresses for laptops and using personal devices to access networks remotely. These fake workers exhibit suspicious financial behaviors and use proxy addresses to conceal their identities, even creating AI clones for video calls

The emergence of ransom demands signifies a shift in their tactics, with evidence of collaboration among these workers to further their scam. To protect against this threat, Secureworks recommends thorough background checks and verification of candidate identities, along with identifying red flags like unusual communication styles and work traits.
https://hackread.com/fake-north-korean-it-workers-west-firms-demand-ransom/