How a North Korean Fake IT Worker Tried to Infiltrate Security Awareness Firm KnowBe4
blog.knowbe4.com
cross-posted from: https://feddit.org/post/1094761
KnowBe4 needed a software engineer for our internal IT AI team. "We posted the job, received resumes, conducted interviews, performed background checks, verified references, and hired the person," the firm writes on its blog.
"We sent them their Mac workstation, and the moment it was received, it immediately started to load malware."
[Special points to KnowBe4 for publishing this on its blog. If this can happen to a security awareness firm, it can happen to everyone.]
You are viewing a single comment
Interesting point about the KVM. To make it transparent the KVM would need to report the model of a real monitor in the display EDID data. Also if you’re monitoring the device, which is almost certainly a laptop, it would be suspicious if it was plugged in to a monitor 100% of the time.
Having a laptop permanently in a dock is pretty normal for tech workers.
Mine is either connected to a USBC dock at home or the office. I have only used it without when at a hotel.
Sure, I use a ThunderBolt dock at home, but being docked 100% of the time is probably not normal.
Mine has been docked for months at a time. I recently started shifting it to be near the kids when they're home; but not undocking it wouldn't strike me as strange at all.
That’s fair!