Over 100 US companies infiltrated by North Korean workers, raids seize 29 "laptop farms"

A new report by the U.S. Department of Justice (DOJ) provides a fascinating insight into how the North Korean regime generates funds abroad. It alleges that North Korean citizens used fake IDs and stolen identities to undertake employment in the form of remote IT jobs at U.S. companies. With the assistance of individuals from the US, Saudi Arabia, China, and Taiwan, employees from North Korea were able to successfully infiltrate more than 100 US companies.

A few individuals are said to have provided websites with false information in order to make the resumes of North Koreans appear more credible, while at least 29 known "laptop farms" were established within the U.S. These farms were used to set up employer-provided laptops and power them, while workers from North Korea remotely connected to the laptops to carry out the work for the respective jobs and subsequently remit their salaries directly to the North Korean regime.

In some cases, sensitive information is also said to have been stolen, such as information on the export of US military technology or virtual funds. In at least one case, a North Korean employee of a US blockchain company reportedly stole cryptocurrency worth $900,000. In total, these operations are said to have resulted in hundreds of millions of US dollars flowing directly from the US to North Korea. In a series of coordinated raids, 29 "laptop farms" in 16 US states were searched, while 29 bank accounts and 21 websites were seized. Surprisingly, despite this large-scale operation, only two charges were filed and only one person was arrested.