A North Korean scheme to implant fake IT workers in Western firms has been uncovered, with one operative attempting to infiltrate a company that tracks such fraud. The investigation by Nisos revealed a suspicious job application mirroring a job posting and a candidate exhibiting AI-assisted behaviors during interviews. The subsequent probe into the operative’s connections led to the discovery of a 'laptop farm' in the U.S. with numerous devices controlled remotely.
These operations reportedly facilitate wage routing through stolen identities, funding North Korea's weapons programs. Nisos advised companies to enhance remote hiring security by conducting thorough background checks and monitoring employee behavior closely.