
The Deepfake Threat: Chollima APT Group Uses AI Filters to Infiltrate Crypto and Web3 Companies

2025-11-17, SOCRadar
https://socradar.io/deepfake-threat-chollima-apt-group-uses-ai-crypto/
#Deepfake #FamousChollima

The rapid expansion of remote work and hiring has exposed companies, particularly in high-value sectors like Crypto and Web3, to sophisticated new forms of social engineering. The Chollima Synthetic Interview Operation reveals how advanced persistent threat (APT) groups are exploiting remote hiring processes using real-time deepfakes and stolen identities to conduct espionage and steal funds.

This campaign, linked to North Korean state-sponsored actors, highlights a crucial shift in cyberattack methodology: utilizing AI-powered facial filters during live video interviews to masquerade as legitimate job candidates.

According to the full campaign report, Chollima operatives used fake résumés and real-time AI facial filters to impersonate qualified job candidates during interviews. They connected via VPNs and remote desktop tools that masked their true location, creating the illusion of being U.S.-based professionals. Once an interview ended, online profiles like LinkedIn were immediately deleted, …