North Korean fake IT worker tradecraft exposed

“North Korean threat actors are weaponizing the trust inherent in the tech recruitment process, tricking developers into executing malicious payloads under the guise of technical assessments,” Agha said. “By targeting highly privileged developers in lucrative sectors like cryptocurrency and finance, these actors are effectively bypassing traditional perimeter defences to establish immediate footholds.”

DPRK threat actors are adopting generative AI to scale their operations.

“From using AI tools to refine malware obfuscation and bypass security safeguards, to automating the creation of synthetic personas, North Korean groups are rapidly modernizing their tradecraft,” Agha noted. “This demonstrates that AI is actively lowering the barrier for threat actors to execute convincing, large-scale deception.”


