Dernière minute
ARمخطط شيطاني من الجدة.. مفاجآت صادمة في وفاة رضيع ومصارعة شقيقته الموتARمقتل 20 سجيناً وإصابة 100 آخرين في اشتباكات داخل سجنARسحب عاجل لدواء فلوكلوكساسيلين في بريطانيا بسبب خطأ في النشرة الداخليةARاستطلاع دولي: ثقة المستثمرين باقتصادات الخليج قوية رغم التوترات الجيوسياسية وارتفاع أسعار المعادنARباحثون يقترحون إطاراً جديداً يعتمد على الذكاء الاصطناعي لتصنيف مصادر الشخيرARموكب تشييع المرشد الإيراني السابق يجوب شوارع طهران وسط هتافات بالثأرARظهور نادر لأحمدي نجاد في جنازة خامنئي بعد سنوات من الخلافARسكاي تستحوذ على قنوات ومنصة آي تي في البريطانية مقابل 1.6 مليار جنيه إسترلينيARقرار الفيفا برفع إيقاف بالوغون يثير استياء الاتحاد الأوروبي ومدربي المنتخباتARبدء محاكمة عزل نائبة الرئيس الفلبيني سارة دوتيرتيARمخطط شيطاني من الجدة.. مفاجآت صادمة في وفاة رضيع ومصارعة شقيقته الموتARمقتل 20 سجيناً وإصابة 100 آخرين في اشتباكات داخل سجنARسحب عاجل لدواء فلوكلوكساسيلين في بريطانيا بسبب خطأ في النشرة الداخليةARاستطلاع دولي: ثقة المستثمرين باقتصادات الخليج قوية رغم التوترات الجيوسياسية وارتفاع أسعار المعادنARباحثون يقترحون إطاراً جديداً يعتمد على الذكاء الاصطناعي لتصنيف مصادر الشخيرARموكب تشييع المرشد الإيراني السابق يجوب شوارع طهران وسط هتافات بالثأرARظهور نادر لأحمدي نجاد في جنازة خامنئي بعد سنوات من الخلافARسكاي تستحوذ على قنوات ومنصة آي تي في البريطانية مقابل 1.6 مليار جنيه إسترلينيARقرار الفيفا برفع إيقاف بالوغون يثير استياء الاتحاد الأوروبي ومدربي المنتخباتARبدء محاكمة عزل نائبة الرئيس الفلبيني سارة دوتيرتي
Newsgather
BackNorth Korean hackers pose as IT workers, recruiters, targeting US tech firms
North Korean hackers pose as IT workers, recruiters, targeting US tech firms
Urgent
TechCrunch10.06.2026Tech2 dk okumaUnited States

North Korean hackers pose as IT workers, recruiters, targeting US tech firms

L'essentiel

  • North Korean hackers, posing as remote IT workers and recruiters, accounted for nearly half of all documented hands-on-keyboard intrusions at US tech companies over the past year, according to a CrowdStrike report.
  • The group 'Famous Chollima' uses AI and stolen identities to infiltrate firms, stealing information and cryptocurrency to fund Pyongyang's weapons programs.

Résumé généré par IA

Pourquoi c'est important

A new report by cybersecurity firm CrowdStrike reveals that North Korean hackers, posing as remote IT workers and online recruiters, have been responsible for approximately half of all documented 'hands-on-keyboard' intrusions at U.S. tech companies over the past year. These operatives are known to steal information and cryptocurrency to fund Pyongyang's banned nuclear weapons program.

Taille de police

A new report by cybersecurity giant CrowdStrike found North Korean hackers posing as remote IT workers and online recruiters made up about half of all documented “hands-on-keyboard” intrusions at U.S. tech companies over the past year.

The company’s latest annual report on the cybersecurity landscape highlights the growing threat from North Korean operatives, which have become a significant source of cyber intrusions across the tech industry. Hackers associated with the Kim Jong Un regime continuously target companies and developers with schemes aimed at stealing information and cryptocurrency to fund Pyongyang’s nuclear weapons program, which is banned under international law.

CrowdStrike said that during period covered by the report — April 2025 to May 2026 — the North Korean hacking group that the company calls “Famous Chollima” accounted for 47% of all state-backed activity targeting the tech sector.

The security giant keeps track of hands-on-keyboard intrusions because they typically represent real human hackers conducting malicious and evasive cyber activity, rather than automated malware that traditional security tools can catch. These attacks generally begin with stolen passwords or credentials, followed by the abuse of legitimate tools already present in the target’s systems to maintain persistent access over time.

Famous Chollima is known for posing as tech workers, such as developers, coders, and IT, then applying for remote jobs at U.S., European, and Asian tech companies under false pretenses. To pull it off, the hackers use AI to generate real-time deepfake images to spoof the faces of real people, and pair those with fraudulent identity documents like stolen passports and driver’s licenses to pose as Americans or other foreign nationals. This is because North Korea is heavily sanctioned by the West and the United Nations for its ongoing development of nuclear weapons.

Once in, the hackers also earn a salary from the companies they infiltrate, which gets funneled back to the North Korean regime, all while stealing intellectual property and other sensitive corporate information. That stolen information is frequently weaponized; when the operatives are eventually caught, they often threaten to expose what they’ve taken unless the company pays a ransom.

À surveiller

Perspective IA — des possibilités, pas des certitudes

  • North Korean hacking activities will continue to target the tech sector.

    Très probable · Moyen terme

  • Increased cybersecurity measures and international sanctions against North Korea.

    Probable · Moyen terme

Questions ouvertes

  • What specific U.S. tech companies were targeted?
  • What is the estimated financial loss from these intrusions?
  • What measures are U.S. authorities taking to counter these threats?
  • How effective are the AI deepfake techniques used by the hackers?

Sujets liés

This article was originally published by TechCrunch.

Articles liés

Plus sur ce sujetcybersecurity