Son Dakika
ES¡ESPAÑA ESTÁ EN CUARTOS! Merino decide en el 90' contra PortugalFRL'Espagne élimine le Portugal en 8e de finale de la Coupe du Monde 2026INTLCanada Selects ThyssenKrupp Marine Systems for Multi-Billion Euro Submarine ContractJP10代長女を監禁、母親を再逮捕 三男も逮捕、警視庁FRThales rachète Exail Technologies après l'échec des négociations avec SafranRUВ Сумах и Днепропетровске прогремели взрывы на фоне воздушной тревогиRUПотери ЕС от отказа от российских энергоносителей оцениваются в 3 трлн евроFRDonald Trump confirme avoir demandé à la FIFA de réexaminer le carton rouge de Folarin BalogunVNBồ Đào Nha vs Tây Ban Nha: Tâm điểm vòng 1/8 World Cup 2026TRPortekiz, İspanya'ya 1-0 Mağlup Oldu ve ElendiES¡ESPAÑA ESTÁ EN CUARTOS! Merino decide en el 90' contra PortugalFRL'Espagne élimine le Portugal en 8e de finale de la Coupe du Monde 2026INTLCanada Selects ThyssenKrupp Marine Systems for Multi-Billion Euro Submarine ContractJP10代長女を監禁、母親を再逮捕 三男も逮捕、警視庁FRThales rachète Exail Technologies après l'échec des négociations avec SafranRUВ Сумах и Днепропетровске прогремели взрывы на фоне воздушной тревогиRUПотери ЕС от отказа от российских энергоносителей оцениваются в 3 трлн евроFRDonald Trump confirme avoir demandé à la FIFA de réexaminer le carton rouge de Folarin BalogunVNBồ Đào Nha vs Tây Ban Nha: Tâm điểm vòng 1/8 World Cup 2026TRPortekiz, İspanya'ya 1-0 Mağlup Oldu ve Elendi
Newsgather
GeriNorth Korean hackers pose as IT workers, recruiters, targeting US tech firms
North Korean hackers pose as IT workers, recruiters, targeting US tech firms
Acil
TechCrunch10.06.2026Teknoloji2 dk okumaUnited States

North Korean hackers pose as IT workers, recruiters, targeting US tech firms

Hızlı Bakış

  • North Korean hackers, posing as remote IT workers and recruiters, accounted for nearly half of all documented hands-on-keyboard intrusions at US tech companies over the past year, according to a CrowdStrike report.
  • The group 'Famous Chollima' uses AI and stolen identities to infiltrate firms, stealing information and cryptocurrency to fund Pyongyang's weapons programs.

Yapay zekâ özeti

Neden Önemli?

A new report by cybersecurity firm CrowdStrike reveals that North Korean hackers, posing as remote IT workers and online recruiters, have been responsible for approximately half of all documented 'hands-on-keyboard' intrusions at U.S. tech companies over the past year. These operatives are known to steal information and cryptocurrency to fund Pyongyang's banned nuclear weapons program.

Yazı boyutu

A new report by cybersecurity giant CrowdStrike found North Korean hackers posing as remote IT workers and online recruiters made up about half of all documented “hands-on-keyboard” intrusions at U.S. tech companies over the past year.

The company’s latest annual report on the cybersecurity landscape highlights the growing threat from North Korean operatives, which have become a significant source of cyber intrusions across the tech industry. Hackers associated with the Kim Jong Un regime continuously target companies and developers with schemes aimed at stealing information and cryptocurrency to fund Pyongyang’s nuclear weapons program, which is banned under international law.

CrowdStrike said that during period covered by the report — April 2025 to May 2026 — the North Korean hacking group that the company calls “Famous Chollima” accounted for 47% of all state-backed activity targeting the tech sector.

The security giant keeps track of hands-on-keyboard intrusions because they typically represent real human hackers conducting malicious and evasive cyber activity, rather than automated malware that traditional security tools can catch. These attacks generally begin with stolen passwords or credentials, followed by the abuse of legitimate tools already present in the target’s systems to maintain persistent access over time.

Famous Chollima is known for posing as tech workers, such as developers, coders, and IT, then applying for remote jobs at U.S., European, and Asian tech companies under false pretenses. To pull it off, the hackers use AI to generate real-time deepfake images to spoof the faces of real people, and pair those with fraudulent identity documents like stolen passports and driver’s licenses to pose as Americans or other foreign nationals. This is because North Korea is heavily sanctioned by the West and the United Nations for its ongoing development of nuclear weapons.

Once in, the hackers also earn a salary from the companies they infiltrate, which gets funneled back to the North Korean regime, all while stealing intellectual property and other sensitive corporate information. That stolen information is frequently weaponized; when the operatives are eventually caught, they often threaten to expose what they’ve taken unless the company pays a ransom.

Bundan Sonra Ne Olabilir?

Yapay zekâ öngörüsü — kesinlik taşımaz

  • North Korean hacking activities will continue to target the tech sector.

    Çok muhtemel · Orta vadede

  • Increased cybersecurity measures and international sanctions against North Korea.

    Muhtemel · Orta vadede

Açık Sorular

  • What specific U.S. tech companies were targeted?
  • What is the estimated financial loss from these intrusions?
  • What measures are U.S. authorities taking to counter these threats?
  • How effective are the AI deepfake techniques used by the hackers?

İlgili Konular

Bu haber ilk olarak şurada yayınlandı: TechCrunch.

İlgili Haberler

Bu konuda daha fazlacybersecurity