Amazon has blocked more than 1,800 job applications linked to suspected North Korean operatives. Amazon chief security officer Stephen Schmidt revealed the action publicly. He shared the details in a LinkedIn post. The applicants targeted remote IT positions across the company. They used stolen or fake identities to bypass hiring checks.
Remote Work Turned Into a Funding Channel
Schmidt said the applicants followed a clear and organized strategy. They sought employment, collected salaries, and funneled wages back to North Korea. The funds supported weapons development and state programs. Schmidt warned the activity likely affects the wider technology sector. He said US companies face the highest risk.
US and South Korean authorities have issued repeated alerts. They tracked online scams linked to North Korean operatives. Officials said these schemes increasingly target Western employers.
Surge in Suspicious Job Applications at Amazon
Amazon recorded a nearly one-third increase in suspicious applications over the past year. Schmidt said many operatives relied on partners inside the United States. These partners ran so-called laptop farms. The farms used computers physically based in the US. Operators controlled the machines remotely from abroad.
Amazon deployed artificial intelligence tools alongside staff verification. Employees screened applications and checked identity markers. The company relied on these measures to detect coordinated fraud.
Fraud Tactics Become More Sophisticated
Schmidt said the methods have grown increasingly advanced. Bad actors hijack dormant LinkedIn accounts using leaked credentials. They impersonate real software engineers to appear credible. Schmidt urged companies to report suspicious applications to authorities.
He advised employers to watch for warning signs. These include incorrectly formatted phone numbers and mismatched education histories. Such details often reveal fraudulent identities.
US Authorities Crack Down on Laptop Farm Networks
In June, the US government uncovered 29 illegal laptop farms nationwide. North Korean IT workers operated the farms remotely. They relied on stolen or forged American identities. The Department of Justice said the scheme helped secure jobs at US companies.
Prosecutors also charged US brokers who assisted the operation. In July, a woman from Arizona received a prison sentence exceeding eight years. She ran a large laptop farm network. The operation placed workers at more than 300 US companies. Authorities said the scheme generated more than $17m in illegal gains for her and Pyongyang.
