North Korea commits high-tech fraud

When you encounter a technology problem on the job and reach out to the IT department for assistance, it probably never occurs to you that the friendly remote technician who solved your software problem might not be who they say they are. But that's exactly what happened at hundreds of American companies, all unwitting targets in a global remote work scam that used stolen identities and secret laptop farms to generate illicit revenue for North Korea's coffers.

According to the U.S. Justice Department, thousands of skilled North Korean IT workers borrowed or stole the identities of American citizens to obtain remote work and defraud more than 300 companies out of millions of dollars. And the IT workers, who often worked out of China, didn't do it alone — at least two Americans helped facilitate the scam with laptop farms in their own homes. Both accomplices received company laptops from targeted businesses and installed unauthorized software that allowed North Korean workers to access the laptops from anywhere without arousing suspicion.

Altogether, the scam generated at least $6.8 million for the North Korean government, and workers were able to infiltrate Fortune 500 companies, a car manufacturer, an aerospace manufacturer and a media company. The North Korean workers even unsuccessfully sought employment with two U.S. government agencies.

Both American accomplices face numerous charges and potentially decades in prison, but North Korean operatives haven't paused in their efforts. According to Security Week, one Florida-based company noticed suspicious activity on a company laptop just 25 minutes after the device reached its destination on July 15, 2024. When pressed for information about the activity, the employee vanished — and the company later learned that his entire persona was an AI deepfake with a stolen identity.