Amazon Blocks Over 1,800 Job Applications from Suspected North Korean Agents

A recent revelation by Amazon’s chief security officer highlights a troubling trend as the tech giant has rejected more than 1,800 job applications linked to suspected North Korean operatives. These individuals reportedly sought remote IT positions using fake or stolen identities, with the aim of diverting wages back to support North Korea’s weapons programs.

This development underscores the increasing sophistication of online scams reportedly orchestrated by North Korea, raising alarms within the tech industry in the U.S. and beyond.

Why It Matters

The implications of these fraudulent job applications extend beyond individual companies, potentially jeopardizing national security. With a noted increase in applications from North Koreans, the U.S. technology sector must remain vigilant to thwart efforts that could inadvertently finance illicit activities.

Key Developments

• Amazon has blocked over 1,800 job applications suspected to involve North Korean agents.
• Applications were submitted using stolen or fake identities for remote IT jobs.
• The company reported a nearly one-third rise in North Korean job applications over the past year.
• Fraudsters are using advanced techniques to hijack legitimate LinkedIn accounts.
• The U.S. and South Korean authorities have flagged concerns about online scams linked to North Korea.
• A recent Department of Justice investigation uncovered 29 illegal “laptop farms” operated by North Korean IT workers across the U.S.

Full Report

In a LinkedIn post, Amazon’s chief security officer, Stephen Schmidt, detailed the company’s efforts to combat the infiltration attempts by suspected North Korean operatives. He stated that these operatives typically aim to secure remote job positions to receive salaries that could be funneled back to support their regime’s military initiatives.

Schmidt noted that the tech giant employs a combination of artificial intelligence and manual verification techniques to assess job applications. The sophistication of the strategies used by fraudsters has reportedly increased, with bad actors hijacking dormant LinkedIn accounts using credentials obtained through data leaks. This tactic allows them to establish a facade of credibility by targeting authentic software engineers.

He cautioned employers to remain vigilant for signs of fraudulent applications, such as incorrectly formatted phone numbers and inconsistent education histories. This warning comes on the heels of the U.S. government’s disclosure about 29 “laptop farms” that were uncovered, which were allegedly run by North Korean IT personnel using stolen American identities to secure employment opportunities.

Additional scrutiny has led to the indictment of U.S. brokers involved in facilitating jobs for these North Korean agents. A notable case involved a woman in Arizona, sentenced to over eight years in prison for operating a laptop farm that effectively helped North Korean workers gain remote employment with over 300 U.S. companies, reportedly generating more than $17 million in illegal profits.

Context & Previous Events

Authorities in both the U.S. and South Korea have previously issued warnings regarding the activities of North Korean operatives engaging in online scams. Earlier investigations by the Department of Justice revealed the operation of illegal schemes that exploited vulnerabilities in hiring processes within the tech industry.