Navigation
Recherche
|
Dozens of Fortune 100 Companies Have Unwittingly Hired North Korean IT Workers
vendredi 27 septembre 2024, 02:45 , par Slashdot
Workers typically asked for their work laptops to be sent to different addresses than those listed on their resumes, raising the suspicions of companies. Mandiant said it found evidence that the laptops at these farms are connected to a 'keyboard video mouse' device or multiple remote management tools including LogMeIn, GoToMeeting, Chrome Remote Desktop, AnyDesk, TeamViewer and others. 'Feedback from team members and managers who spoke with Mandiant during investigations consistently highlighted behavior patterns, such as reluctance to engage in video communication and below-average work quality exhibited by the DPRK IT worker remotely operating the laptops,' Mandiant reported. In several incident response engagements, Mandiant found the workers used the same resumes that had links to fabricated software engineer profiles hosted on Netlify, a platform often used for quickly creating and deploying websites. Many of the resumes and profiles included poor English and other clues indicating the actor was not based in the U.S. One characteristic repeatedly seen was the use of U.S-based addresses accompanied by education credentials from universities outside of North America, frequently in countries such as Singapore, Japan or Hong Kong. Companies, according to Mandiant, typically don't verify credentials from universities overseas. Further reading: How Not To Hire a North Korean IT Spy Read more of this story at Slashdot.
https://it.slashdot.org/story/24/09/27/0011212/dozens-of-fortune-100-companies-have-unwittingly-hire...
Voir aussi |
56 sources (32 en français)
Date Actuelle
ven. 27 sept. - 06:10 CEST
|