Secret North Korean military of pretend AI staff use voice-changers to steal prime jobs in West
North Korea is using “deepfake” AI and voice-changers to catfish Western firms and funnel stolen cash to Kim Jong-un’s regime, tech giant Microsoft warns
North Korea is using “deepfake” AI and voice-changers to catfish Western firms(Image: Getty Images/iStockphoto)
North Korea is using cutting-edge AI to infiltrate Western companies, masquerading as remote IT experts to funnel money back to Kim Jong-un’s secretive regime.
Tech giant Microsoft has sounded the alarm, revealing that state-sponsored fraudsters are ditching amateur tactics for sophisticated “deepfake” tech to pull off a massive digital heist.
According to a new report from Microsoft’s threat intelligence unit, Pyongyang is now using voice-changing software to hide thick accents during video interviews, effectively “catfishing” their way into high-paying software roles.
The scam, orchestrated by groups dubbed Jasper Sleet and Coral Sleet, is a high-tech operation on an industrial scale.
The digital sleeper agents don’t just stop at voice manipulation – they are reportedly using face-swap apps to graft their own features onto stolen ID documents and AI headshot generators to create “polished” professional CV photos.
To blend in perfectly, they even use AI prompts to generate lists of “culturally appropriate” names and matching email formats, making it nearly impossible for HR departments to spot a fake applicant from a real one.
Microsoft recently identified over 3,000 Outlook and Hotmail accounts linked to the fraudulent workers, who are even using AI to “scrape” platforms like Upwork to tailor their CVs perfectly to what Western bosses want to hear.
In a blog post released last year, Microsoft laid bare the sheer scale of the deception.
It said: “North Korea has deployed thousands of remote IT workers to assume jobs in software and web development as part of a revenue generation scheme for the North Korean government.
“These highly skilled workers are most often located in North Korea, China, and Russia, and use tools such as virtual private networks and remote monitoring and management tools together with witting accomplices to conceal their locations and identities.
“Historically, North Korea’s fraudulent remote worker scheme has focused on targeting United States companies in the technology, critical manufacturing, and transportation sectors.
“However, we’ve observed North Korean remote workers evolving to broaden their scope to target various industries globally that offer technology-related roles.”
Microsoft added: “Organisations can protect themselves from this threat by implementing stricter pre-employment vetting measures and creating policies to block unapproved IT management tools.
“For example, when evaluating potential employees, employers and recruiters should ensure that the candidates’ social media and professional accounts are unique and verify their contact information and digital footprint.
“Organisations should also be particularly cautious with staffing company employees, check for consistency in resumes, and use video calls to confirm a worker’s identity.”
For the latest breaking news and stories from across the globe from the Daily Star, sign up for our newsletter by clicking here.
