(Adnkronos) – With the help of open-source AI systems like ChatGPT, which has a record number of accesses in North Korea, Google Translate, and software capable of masking their image, thousands of North Korean IT specialists have managed in recent years to steal or falsify the identities of Western developers, posing as consultants, to get hundreds of millions of dollars a year to Pyongyang’s military programs, evading sanctions, according to a CNN investigation. They managed to infiltrate not as saboteurs, but as employees.
“They’ve gotten everywhere, in every company on the Fortune 500 list,” commented Michael Barnhart of cybersecurity firm Dtex. With video calls from countries with better connections, such as China, Laos, and Russia, the engineers managed to penetrate American companies, also thanks to American facilitators who help with identity theft and access to the American financial system, or with so-called ‘laptop farms’ with which North Koreans could pretend to be physically located in the United States.
Last month, American TikToker Christina Marie Chapman, with 100,000 followers, was sentenced to eight and a half years in prison for helping these operatives find jobs at more than 300 companies, generating more than $17 million for the regime. Her rise was attributed to her new job “in the computer industry.” And hers is not the only case. Between a cooking recipe, dietary advice, and other things, since October 2020 she accepted the offer, received online, to act as an “American face” to assist IT specialists in finding work in the US. Once the job was obtained, with Chapman’s credentials, it was she who received the company laptop on which she installed the software provided by her North Korean connections, who could then access it from abroad.
“If you stop thinking of them as government officials and start thinking of them more like a mafia, it all comes back,” Barnhart added. Last month, the US government offered a $5 million reward for information on North Koreans involved in the regime-sponsored scheme. This is an online evolution of the counterfeit $100 bill scam promoted by Kim Jong Il in the 1990s. “Kim Jong Un is a millennial and therefore gravitates towards technology much more than his father. They are promoting an army of IT developers,” explains the analyst, who specializes in hunting North Koreans (for every North Korean he discovers, he adds a tattoo on his body).
AI systems are used not only to write lines of software but also to fabricate identities, conduct interviews, fake cultural fluency, and automate job search applications. The first names of these fake profiles are common American first names like Paul, Jeremy, and Joe. Their resumes show work experience at large American companies and degrees from prestigious universities. At interviews, they present themselves with a series of pre-prepared clichés about career goals, work ethic, and often use AI to answer questions in real time.
Once you learn how to spot a North Korean on job search platforms, it’s hard not to see them everywhere. Last year alone, risk management firm KnowBe4 received at least 100 applications from alleged North Koreans. Last summer they hired one by mistake. After selecting him, they sent him their company laptop. As soon as it arrived at its destination, it started downloading malware. Since then, controls have intensified. The trick questions at the interviews are not so much about the regime, but about favorite restaurants, about their identity. “And that’s where they collapse.”
