Find notable cyber news and cases, enriched with sources, timelines, and signals.

North Korean fake-persona remote job infiltration campaign against Western tech companies

Campaign
First reported
Last updated
Happening score
H score 34
1 unique sources, 1 articles

Summary

Hide ▲

A North Korean fake-persona campaign is using remote job applications to gain trusted insider access at Western tech companies, creating theft and espionage risk. SentinelOne tracked over 1000 job applications and roughly 360 fake personas tied to the operation over the last year. The tactic matters because accounts that appear legitimate can bypass traditional intrusion defenses and enable unauthorized access from inside the network.

Related Happenings

Meta For Business Facebook Messenger fake-verification phishing campaign

Campaign
H score29 First: 07.07.2026 10:00 Last: 07.07.2026 10:00 Sources 1

About this happening: A **phishing campaign** abused **Facebook Messenger chatbots** and fake verification lures to steal **Meta For Business** credentials and sensitive identity data, creating account...

Scattered Spider SMS phishing and SIM-swap crypto theft campaign

Campaign
H score53 First: 20.04.2026 16:33 Last: 20.04.2026 16:33 Sources 1

About this happening: The **Scattered Spider** campaign used **SMS phishing** and **SIM swap** attacks to steal employee credentials, hijack phone numbers, and take over email and **virtual currency wa...

North Korean remote IT worker scam operation targeting American companies

Campaign
H score41 First: 16.04.2026 19:00 Last: 16.04.2026 19:00 Sources 1

About this happening: A long-running **North Korean remote IT worker scam operation** used **stolen identities** and fake placements to embed operators inside **more than 100 American companies**. The...

2025 Rise in legitimate-access intrusions across enterprise sectors

Trend
H score28 First: 01.04.2026 17:05 Last: 01.04.2026 17:05 Sources 1

About this happening: **Legitimate access abuse** is now a leading intrusion pattern across **2025** investigations, increasing the risk of stealthy compromise across **manufacturing, healthcare, MSPs,...

Contagious Interview cryptocurrency social-engineering and malware-delivery campaign

Campaign
H score37 First: 23.03.2026 20:09 Last: 23.03.2026 20:09 Sources 1

About this happening: A **North Korean** cluster behind **Contagious Interview / WaterPlum** is running a coordinated **malware campaign** against **cryptocurrency professionals**, increasing the risk...

Timeline

  1. 25.03.2026 17:30 2 articles · 3mo ago

    North Korean fake-persona hiring campaign targets Western tech companies

    Campaign Scope Update

    SentinelOne warned that North Korean operations linked to more than 1,000 remote job applications and roughly 360 fake personas targeted Western tech companies, using fake identities, social engineering and AI deepfake interviews to obtain legitimate access and enable theft or espionage from inside affected networks.

    Show sources