A new report from Secureworks shows that the North Korean group Nickel Tapestry has expanded its operations from getting North Korean IT workers illegally employed by companies in other countries to allowing the workers to steal data that can be used for extortion if they’re fired, according to The Register.
To avoid falling victim to such scams, companies are being warned to conduct a thorough screening of their job applicants — preferably with on-site interviews. It’s also a good idea to keep an eye on security involving remote access.
Warning signs to look out for include the use of Chrome Remote Desktop and AnyDesk software, if these are not part of the company’s regular equipment, and connections to Astrill VPN IP addresses. North Korean IT workers also tend to be reluctant to make video calls and often claim that their webcam is not working. However, according to Secureworks, they apparently have started experimenting with new software to handle video calls in the future.