Threat Actor Profile: WageMole
Contents
Threat Actor Profile: WageMole
Overview
WageMole is a North Korean state-sponsored advanced persistent threat (APT) group that blends social engineering with technical tradecraft to obtain remote employment within Western organizations. Unlike traditional financially motivated cybercriminal operations, WageMole embeds operatives inside companies by posing as legitimate job candidates. Once hired, these individuals operate under fabricated identities to conduct espionage, access sensitive systems, and potentially facilitate follow-on cyber operations.
image
A defining element of WageMole’s activity is its connection to the campaign known as “Operation Contagious Interview.” Through this campaign, the group harvested and reused stolen personal data to construct convincing digital personas. These false identities include forged passports, driver’s licenses, and supporting documentation that allow operatives to pass background checks and identity verification processes. Generative artificial intelligence is reportedly used to create structured interview study guides, helping applicants deliver technically sound and consistent responses during remote hiring interviews.
WageMole primarily targets small to mid-sized …
Overview
WageMole is a North Korean state-sponsored advanced persistent threat (APT) group that blends social engineering with technical tradecraft to obtain remote employment within Western organizations. Unlike traditional financially motivated cybercriminal operations, WageMole embeds operatives inside companies by posing as legitimate job candidates. Once hired, these individuals operate under fabricated identities to conduct espionage, access sensitive systems, and potentially facilitate follow-on cyber operations.
image
A defining element of WageMole’s activity is its connection to the campaign known as “Operation Contagious Interview.” Through this campaign, the group harvested and reused stolen personal data to construct convincing digital personas. These false identities include forged passports, driver’s licenses, and supporting documentation that allow operatives to pass background checks and identity verification processes. Generative artificial intelligence is reportedly used to create structured interview study guides, helping applicants deliver technically sound and consistent responses during remote hiring interviews.
WageMole primarily targets small to mid-sized …