North Korean hackers target US AI, crypto job applicants with fake listing platforms

Markets 2025-11-24 10:40

North Korean hackers are now creating fake job application platforms to pick out applicants to major United States artificial intelligence and crypto firms, researchers have uncovered. While the hackers have been at it for years, the researchers claimed that they have added a new twist to their operations.

According to security outfit Validin, which uncovered the new twist to their operations, North Korean hackers are now working to gain long-term access to the computers of applicants before they join any company, instead of simply impersonating the employees of those companies.

In an operation that researchers with Validin call “Contagious Interview,” North Korean hackers are now targeting individuals and stealing the know-how for the Kim Jong Un regime, doing it with the help of a fake job platform.

North Korean hackers are now targeting applicants

Speaking to CNN, Kenneth Kinion, the CEO of Validin, mentioned that going after job seekers is expected to provide an advantage for North Korean actors. Now, instead of trying to slip past an employer’s defenses, they take over the entire hiring process and make it feel completely legitimate to individuals seeking employment. This way, applicants assume they are taking a standard coding test or following the steps for a job opportunity.

Kinion noted that if the job applicant believes that everything they are being asked to do is legitimate, they are much more likely to open any files the supposed interview sends to them. Specifically, candidates are lured into fake job opportunities, guided to record video responses, and prompted to fix their webcam by using a helper tool. These steps seem easy and simple, but they are the steps that the hacker uses to deliver malware directly to a target’s system.

The fake platform, hosted at lenvnydotcom, mimics the style of Lever, a popular headhunting website boasting tens of thousands of users.

According to the description made by Validin, the illicit job platform is a “campaign designed to socially engineer and compromise people seeking jobs in a variety of roles, including software developers, AI researchers, cryptocurrency professionals, and other technical and non-technical job seekers while mimicking leading brands in these areas.”

Among the fictional jobs advertised by the North Korean hackers on the website is a “product manager” related to Claude, an AI chatbot developed by artificial intelligence firm Anthropic. Validin noted that identifying confirmed victims of the scheme is quite challenging because many candidates either refuse to disclose or lie to their current employers that they are applying for positions elsewhere and are therefore less likely to report any suspicious activities that they discover.

North Korean actors ramp up attacks

Over the past few years, North Korean actors have used fake identities and sometimes passed interview screenings to infiltrate companies in the United States, especially firms in the IT sector. The bad actors then send the funds obtained from their callous activities back home to support the regime’s rogue weapons program.

Last week, the United States Department of Justice announced that five people pleaded guilty to helping North Korean hackers.

These people were accused of helping the hackers obtain remote IT employment with US companies to commit fraud. The scheme affected more than 136 companies in general, generating more than $2.2 million in illicit funds that have been sent back to the Kim Jong Un regime.

In addition, the identities of more than 18 Americans were compromised, with the report noting that their activities spanned several industries.

Audricus Phagnasay, 24, Jason Salazar, 30, and Alexander Paul Travis, 34, were part of those arrested. They all pleaded to one count of wire fraud conspiracy. The court mentioned that they provided their identities to external IT workers to help them obtain employment with US companies. They also hosted work laptops at their homes and installed remote access software on them without authorization, making it as if IT workers were working remotely from their residences.

If you're reading this, you’re already ahead. Stay there with our newsletter.

Share to:

This content is for informational purposes only and does not constitute investment advice.

Railgun XAI DeepSnitch AI Kaia News Kaia Price
Recommended Reading
2025-11-24 10:40
North Korean hackers target US AI, crypto job applicants with fake listing platforms
2025-11-24 10:39
Black Friday Crypto Safety Tips for 2025: Could IPO Genie Keep Top Crypto Users Protected?
2025-11-24 10:39
LivLive’s Limited-Time 300% Bonus Sets It Apart as the Best Crypto Presales to Invest In for Early Movers
2025-11-24 10:39
Wall Street heads into Thanksgiving stretch with uncertainty around AI trade
2025-11-24 10:38
FINMA warns Swiss banks are too lax with mortgages
2025-11-24 10:37
Iran’s minister of ICT touts progress in plans to develop digital economy

Popular Articles

Curated Series

SuperEx Popular Science Articles Column

SuperEx Popular Science Articles Column

This collection features informative articles about SuperEx, aiming to simplify complex cryptocurrency concepts for a wider audience. It covers the basics of trading, blockchain technology, and the features of the SuperEx platform. Through easy-to-understand content, it helps users navigate the world of digital assets with confidence and clarity.
Unstaked related news and market dynamics research

Unstaked related news and market dynamics research

Unstaked (UNSD) is a blockchain platform integrating AI agents for automated community engagement and social media interactions. Its native token supports governance, staking, and ecosystem features. This special feature explores Unstaked’s market updates, token dynamics, and platform development.
XRP News and Research

XRP News and Research

This series focuses on XRP, covering the latest news, market dynamics, and in-depth research. Featured analysis includes price trends, regulatory developments, and ecosystem growth, providing a clear overview of XRP's position and potential in the cryptocurrency market.
How do beginners trade options?How does option trading work?

How do beginners trade options?How does option trading work?

This special feature introduces the fundamentals of options trading for beginners, explaining how options work, their main types, and the mechanics behind trading them. It also explores key strategies, potential risks, and practical tips, helping readers build a clear foundation to approach the options market with confidence.

What are the risks of investing in cryptocurrency?

What are the risks of investing in cryptocurrency?

This special feature covers the risks of investing in cryptocurrency, explaining common challenges such as market volatility, security vulnerabilities, regulatory uncertainties, and potential scams. It also provides analysis of risk management strategies and mitigation techniques, helping readers gain a clear understanding of how to navigate the crypto market safely.