DMR News

North Korean Hacker Infiltrates US Security Firm, Attempts Malware Attack

By Yasmeeta Oon

Jul 31, 2024

KnowBe4, a US-based security vendor specializing in security awareness training, revealed that it accidentally hired a North Korean hacker who attempted to install malware within its systems. This incident serves as a stark reminder of the sophistication and reach of cyber threats. The company’s CEO, Stu Sjouwerman, shared the details in a blog post, emphasizing that no data was compromised or stolen.

The hacker, posing as a software engineer for KnowBe4’s internal IT AI team, used a stolen US-based identity and a photo enhanced with artificial intelligence to secure the position. Despite passing background checks and video interviews, the individual began suspicious activities immediately upon receiving their workstation. The hacker’s actions included manipulating session history files, transferring harmful files, and executing unauthorized software, using a Raspberry Pi to facilitate the malware download.

On the left, a stock photo. On the right, an AI-enhanced image based on the stock photo. The AI-enhanced image was submitted to KnowBe4 by a job applicant. (Image credit: KnowBe4)

KnowBe4’s Security Operations Center (SOC) detected the unusual behavior on July 15, 2024. The hacker, referred to as “XXXX” in the company’s blog post, initially claimed the activity resulted from troubleshooting a router issue. However, when the SOC attempted to follow up, the hacker became unresponsive, leading the team to contain the device.

The investigation revealed that the hacker was likely working remotely from North Korea, using a VPN to appear as if they were operating during US business hours. The individual’s goal was to siphon funds to North Korea, supporting illegal activities. KnowBe4’s controls and restricted access for new employees prevented any significant damage.

The incident shows the ongoing threats posed by nation-state actors in cyberspace. KnowBe4 is cooperating with the FBI and cybersecurity experts at Mandiant as the investigation continues. The company hopes this serves as a cautionary tale for other organizations.

