We invite you: Webcast on April 14, 2026 on the topic of TI

North Korean IT Worker and Contagious Interview: Past, Present and Future

Over the past few years, Operation Contagious Interview and North Korean IT worker activities have evolved into a serious, globally operating threat. What initially appeared to be isolated cases of identity fraud and remote employment has revealed itself as a structured ecosystem designed to infiltrate organizations, generate revenue, and support broader DPRK strategic objectives.

In the next installment of our webcast series, we will examine the phenomenon of DPRK IT worker activities from a threat intelligence perspective. We will explore how these operations originated, how they function today, and which developments are already on the horizon. The session will cover technical, operational details and the broader strategic implications for organizations particularly in Europe.

We will look at how actors successfully enter hiring pipelines, including the use of synthetic or stolen identities, carefully constructed online personas, and networks of front companies used to legitimize candidates and payment flows. We will also examine how TTPs linked to Operation Contagious Interview are increasingly getting sophisticated tricking applicants into installing malware on their computer,  and secure long-term access within organizations.

Finally, we will discuss emerging developments, including the growing use of AI-assisted interviews, deepfake personas, and hardware-based access setups such as PiKVM, which allow these actors to operate within corporate environments while maintaining remote control from abroad.

The session will include analysis, selected case examples, and practical insights from our experts. As always, participation is free of charge and without obligation.

📅 Date: Tuesday,  April 14, 2026
🕕 Time: 2 PM
🌐 Platform & Language: Demio, English
🎤 Speakers: Kritika Roy (DCSO), Sebastian Degner (DCSO), Mees van Wickeren (Silent Push)
🎙️ Moderator: Michael Landen (DCSO)

REGISTER NOW

What to Expect in This Session:

• Background and Origins
  A brief overview of how Operation Contagious Interview and DPRK IT worker operations emerged, including their motivations, early patterns, and the foundations.

• Current Landscape and Operational Model
  An analytical look at how these operations function today, from workforce acquisition and targeting to the use of synthetic identities, online personas, and front companies, as well as recruiter-driven tactics such as those seen in Contagious Interview campaigns, where applicants are tricked into installing malware to steal device passwords and cryptocurrency wallet credentials.

• Emerging Developments and Future Risks
  How these activities continue to evolve, including the growing use of AI-assisted interviews, deepfake personas, and remote hardware setups such as PiKVM.

• Expanding Operational Footprint and Key Takeaways
  The session will also explore emerging risks, geographic expansion, and what organizations particularly in Europe should be preparing for.

• Live Q&A with our experts

Take this opportunity to better understand a highly dynamic and often underestimated threat landscape — and learn how to proactively strengthen your organization’s resilience against this form of strategically motivated infiltration.

SECURE YOUR SPOT TODAY