FBI warns vs. North Korea remote workers infiltrating U.S. jobs
MISSOURI, UNITED STATES — The Federal Bureau of Investigation (FBI) has advised U.S. employers to exercise caution when hiring remote information technology (IT) workers, after uncovering a scheme where North Korean IT workers infiltrated American companies using fake identities.
Authorities estimate hundreds of IT workers were involved, secretly sending millions of dollars in wages back to North Korea to help fund its weapons program.
The North Korean government had dispatched IT workers abroad to countries like China and Russia, where they created fake freelancer profiles pretending to live in the U.S. or Europe.
Using video chat services, they interviewed and obtained remote jobs under fake names with U.S. companies, often paying Americans to let them use their home Wi-Fi to appear located in the U.S.
“At a minimum, the FBI recommends that employers take additional proactive steps with remote IT workers to make it harder for bad actors to hide their identities,” cautioned FBI special agent Jay Greenberg, in a news release.
U.S. Attorney Sayler A. Fleming for the Eastern District of Missouri issued a similar warning: “You may be helping to fund North Korea’s weapons program or allowing hackers to steal your data or extort you down the line.”
The FBI announced the seizure of $1.5 million and 17 domain names linked to the years-long scheme.
This is not the first time North Korean IT workers have been accused of stealing money for their country’s weapons program. In 2021, the Justice Department charged three North Korean military intelligence officials for a scheme that extorted over $1.3 billion in cash and cryptocurrency.
Tech industry experts say the FBI warning highlights the need for heightened security precautions when hiring remote workers, especially those based overseas.
While most remote workers are honest, the North Korea scheme reveals sophisticated tactics used by nation-state actors that companies must guard against.
