A growing number of US tech companies have fallen victim to a sophisticated scam involving North Korean cyber operatives who pose as remote IT workers. The scheme, which has been used on a scale never seen before, involves hiring employees with fake identities and using AI-generated deepfakes to create convincing personas.
According to experts, the scammers use stolen personal information from real individuals to create fake job profiles on platforms like LinkedIn. Once hired, the North Korean operatives use their credentials to access company networks and steal sensitive data or intelligence.
In some cases, these operatives have set up laptop “farms” with dozens of devices kept running by a few accomplices who are paid to join the scheme. The FBI has warned that each worker can earn up to $300,000 annually, with some schemes generating tens of millions of dollars for the North Korean government.
While efforts by law enforcement agencies have been somewhat successful in shutting down individual scams, experts say prosecuting the masterminds behind the laptop farm operations is key to breaking the scam. Companies are often fearful of disclosing their involvement due to potential compliance risks and legal ramifications.
To combat this issue, cybersecurity firms like SentinelOne are speaking out about their experiences in an effort to raise awareness and reduce stigma around discussing the problem. Experts stress that transparency is crucial in dealing with this complex threat.
Source: https://www.politico.com/news/2025/05/12/north-korea-remote-workers-us-tech-companies-00340208