Amazon has blocked hundreds of job applications from suspected North Korean operatives, a move announced by the company’s chief security officer Stephen Schmidt.
Amazon’s Detection Efforts
In a LinkedIn post on Friday, Schmidt explained that the operatives’ goal is “to get hired, get paid, and funnel wages back to fund the regime’s weapons programs.” He added that applicants use fake or stolen identities to pursue remote IT jobs worldwide.
Since April 2024, Amazon has stopped more than 1,800 suspected DPRK operatives from joining. Schmidt noted a 27% increase in DPRK-affiliated applications quarter over quarter this year. The fraud was identified by Amazon’s AI-powered application screening system and confirmed through manual verification by staff.
Laptop Farms and DOJ Crackdown
In June, the Department of Justice uncovered 29 illegal “laptop farms” across the U.S. used by North Korean IT workers. These farms were operated by U.S.-based individuals who created fraudulent companies to host the laptops, giving North Korean agents remote access to company-provided laptops.
Assistant Attorney General John A. Eisenberg said in a release that “These schemes target and steal from U.S. companies and are designed to evade sanctions and fund the North Korean regime’s illicit programs, including its weapons programs.”
A woman from Arizona was sentenced to more than eight years in prison the following month for running a laptop farm that helped North Korean IT workers obtain remote jobs at over 300 U.S. companies. The scheme generated more than $17 million in illicit revenue for her and Pyongyang.
International Response and Partnerships
The U.S., Japan and South Korea held a joint forum in Tokyo in August to improve collaboration against the growing threat of North Korean operatives posing as IT workers. In a joint statement, the three countries warned that hiring, supporting, or outsourcing work to North Korean IT workers “increasingly poses serious risks, ranging from theft of intellectual property, data, and funds to reputational harm and legal consequences.”
Separately, Amazon and Grubhub announced a partnership that lets Amazon Prime members enjoy a free, one-year trial of Grubhub+.
Key Takeaways
- Amazon has blocked hundreds of job applications from suspected North Korean operatives.
- The company has stopped over 1,800 suspected DPRK operatives and seen a 27% quarterly rise in related applications.
- DOJ uncovered 29 illegal laptop farms, and a woman was sentenced to over eight years for running one that generated $17 million.
Amazon’s actions highlight the growing sophistication of cyber-fraud operations linked to North Korea and underscore the importance of international cooperation to counter these threats.
