Amazon has blocked more than 1,800 job applications linked to suspected North Korean operatives. The disclosure came from Amazon chief security officer Stephen Schmidt. He shared the details publicly in a LinkedIn post. The applicants targeted remote IT positions across the company. They used stolen or fabricated identities to bypass hiring controls.
Remote IT Jobs Used to Fund the North Korean Regime
Schmidt said the applicants followed a clear and consistent objective. They sought employment, collected salaries, and redirected wages abroad. The funds flowed back to Pyongyang. The money supported weapons development and state programs. Schmidt warned this activity likely spreads across the technology industry. He said the trend appears large, coordinated, and growing.
US and South Korean authorities have issued similar warnings. They have tracked online scams linked to North Korean operatives. Officials said the operations increasingly target Western companies.
Sharp Increase in Suspicious Job Applications
Amazon recorded a nearly one-third increase in such applications over the past year. Schmidt said many operatives relied on partners inside the United States. These partners managed so-called laptop farms. The farms used computers physically located in the US. Operators controlled the machines remotely from outside the country.
Amazon relied on artificial intelligence tools and staff verification. Employees screened applications and reviewed identity signals. The company used these combined methods to detect coordinated fraud attempts.
Fraud Tactics Become More Sophisticated
Schmidt said the fraud methods have grown more advanced. Bad actors hijack dormant LinkedIn accounts using leaked credentials. They impersonate real software engineers to appear legitimate. He urged companies to report suspicious applications to authorities.
He warned employers to watch for clear indicators. These include incorrectly formatted phone numbers and mismatched education histories. Such inconsistencies often expose fraudulent identities.
US Authorities Expose Nationwide Laptop Farm Networks
In June, the US government uncovered 29 illegal laptop farms nationwide. North Korean IT workers operated the farms remotely. They relied on stolen or forged American identities. The Department of Justice said the scheme helped secure US-based jobs.
Prosecutors also indicted US brokers who supported the operation. In July, an Arizona woman received a prison sentence exceeding eight years. She ran a large laptop farm network. The operation placed workers at more than 300 US companies. Authorities said the scheme generated over $17m in illegal gains for her and Pyongyang.
