Assessment of DPRK IT Worker Tradecraft
Contents
Threat Analysis
DPRK IT Worker Tradecraft Between 2022 and 2025
Executive Summary
- Advanced technology, such as Artificial Intelligence (AI) for image manipulation
- Templates for persona website creation via Github repositories
- Reused resume content
- Fake addresses
Nisos also observed DRPK IT workers quickly pivoting to other personas if a persona was fired by an employer or flagged and removed from GitHub or freelancer websites. DPRK IT workers quickly create new personal websites and freelancer accounts to continue the work the previous persona was doing.
Use of AI in Profile Images
Nisos observed increased sophistication related to how DPRK IT workers use AI to generate profile pictures for their personas. In 2022, DPRK IT workers did not include photos of themselves on their portfolio website or freelancer accounts and instead relied on cartoons to hide their true identities. Starting in 2023, DPRK IT workers began putting their faces on stock photo bodies, to make their accounts seem …
DPRK IT Worker Tradecraft Between 2022 and 2025
Executive Summary
- Advanced technology, such as Artificial Intelligence (AI) for image manipulation
- Templates for persona website creation via Github repositories
- Reused resume content
- Fake addresses
Nisos also observed DRPK IT workers quickly pivoting to other personas if a persona was fired by an employer or flagged and removed from GitHub or freelancer websites. DPRK IT workers quickly create new personal websites and freelancer accounts to continue the work the previous persona was doing.
Use of AI in Profile Images
Nisos observed increased sophistication related to how DPRK IT workers use AI to generate profile pictures for their personas. In 2022, DPRK IT workers did not include photos of themselves on their portfolio website or freelancer accounts and instead relied on cartoons to hide their true identities. Starting in 2023, DPRK IT workers began putting their faces on stock photo bodies, to make their accounts seem …