Remote Worker Infiltration

Method of cyberattack where threat actors pose as remote employees to gain access to organizational networks.

Researchers Uncover Lazarus APT’s Remote-Worker Infiltration Scheme

Dec 2, 2025

—

by

Elles De Yeager

in Digital Espionage & Intelligence

In a significant breakthrough, a joint investigation has revealed North Korea’s Lazarus Group, specifically its Famous Chollima division, is actively infiltrating global companies. The APT group is posing as remote IT workers to breach organizations, primarily targeting the finance, crypto, healthcare, and engineering sectors. This investigation serves as a critical warning to companies and hiring…