Amazon has blocked more than 1,800 job applications linked to suspected North Korean operatives. Amazon chief security officer Stephen Schmidt revealed the action publicly. He shared the details in a LinkedIn post. The applicants targeted remote IT roles across the company. They used stolen or fake identities to bypass hiring checks.
Remote IT Jobs Exploited to Fund Pyongyang
Schmidt said the applicants followed a clear and deliberate plan. They sought employment, collected salaries, and funneled wages back to North Korea. The funds supported weapons development and other state programs. Schmidt warned the activity likely spreads across the technology sector. He said US companies face the greatest risk.
US and South Korean authorities have issued repeated warnings. They tracked online scams linked to North Korean operatives. Officials said these schemes increasingly target Western employers.
Surge in Suspicious Applications at Amazon
Amazon recorded a nearly one-third rise in suspicious applications over the past year. Schmidt said many operatives relied on partners inside the United States. These partners ran so-called laptop farms. The farms used computers physically based in the US. Operators controlled the machines remotely from abroad.
Amazon combined artificial intelligence tools with staff verification. Employees screened applications and checked identity indicators. The company relied on these measures to prevent coordinated fraud.
Fraud Tactics Become Increasingly Sophisticated
Schmidt said the techniques continue to evolve. Bad actors hijack dormant LinkedIn accounts using leaked credentials. They impersonate real software engineers to appear credible. Schmidt urged companies to report suspicious applications to authorities.
He advised employers to watch for warning signs. These include incorrectly formatted phone numbers and inconsistent education histories. Such inconsistencies often expose fraudulent identities.
US Authorities Crack Down on Laptop Farm Networks
In June, the US government uncovered 29 illegal laptop farms nationwide. North Korean IT workers operated the farms remotely. They used stolen or forged American identities. The Department of Justice said the scheme helped secure jobs at US companies.
Prosecutors also charged US brokers who assisted the operation. In July, a woman from Arizona received a prison sentence exceeding eight years. She ran a large laptop farm network. The operation placed workers at more than 300 US companies. Authorities said the scheme generated more than $17m in illegal gains for her and Pyongyang.
