Hackers linked to the North Korean government have expanded their cryptocurrency theft efforts.$XRP $XLM $DOGE Their tactics now include using social engineering to target IT companies, TechCrunch reported, citing research presented at the Cyberwarcon conference.

The hacker groups Sapphire Sleet and Ruby Sleet, believed to be linked to the North Korean government, used fake job postings to infiltrate major IT companies.

Sapphire Sleet lured victims with fake job offers, infecting computers with malware via PDFs and links. Ruby Sleet targeted aerospace and defense contractors in the US, UK, and South Korea to steal military secrets.

Researchers have found that the use of fake identities created using artificial intelligence, social media and voice-changing technologies allowed hackers to infiltrate companies.