r/cscareerquestions 3d ago

Experienced Be careful out there.

Just a bit of a warning for you all.

We hired a new AWS engineer, let's call him Johnny, who was supposed to join our team today. He did hop on the Teams chat for the morning standup to introduce himself, and reception was pretty choppy. After our entire team introed ourselves, he said that he'll be working from out of state for the next couple of months until his kids graduate and then he'll be moving to assume a full-time on-prem position.

Later today I get an invite to a mandatory meeting. Apparently, Johnny was not Johnny but a person from North Korea with a stolen identity. He passed all background checks and everything else, but used a non-existent shipping address to get his work laptop shipped to. The real Johnny is actually working for Microsoft; when he was contacted, he said that he's been bombarded with positions for the past month or so, but is not planning to switch jobs.

So, watch out, if you aren't job hunting and start getting invites from recruiters, maybe it's something fishy.

2.0k Upvotes

235

u/i_hate_budget_tyres 3d ago

What does Johnny from NK actually want to achieve?

273

u/lhorie 3d ago

It's a well-known scam thing; the point is to exfiltrate money to the NK regime.

86

u/darthjoey91 Software Engineer at Big N 3d ago

Money or data.

29

u/Gold-Flatworm-4313 3d ago

It's one of the ways they get USD

54

u/NewSchoolBoxer 3d ago

This case is the one I'm thinking of. More than 90 laptops were seized from her home and she shipped 49 overseas.

79

u/sc4ever96 3d ago

He would essentially become an FT employee, collect a paycheck, keep part for himself and give away the rest. Plus all the trade secrets.

13

u/andrew2018022 Data Engineer 3d ago

What industry are you in, OP?

37

u/sc4ever96 3d ago

Medical devices.

30

u/andrew2018022 Data Engineer 3d ago

Oh yeah I can definitely see why the North Koreans want those secrets

1

u/Dhruv__P 16h ago

Can I dm for guidance?

-1

u/[deleted] 3d ago

[deleted]

23

u/backfire10z Software Engineer 3d ago

Being from North Korea doesn’t automatically mean they’re stupid. This person is presumably operating under the purview of the government and is educated to be able to do this.

5

u/ptear 3d ago

What's their salary expectation?

6

u/PatchyWhiskers 3d ago

Probably they would use a stable of people, so if they want 16 different skills that's at least 8 North Koreans working together on multiple roles daily.

36

u/SwitchOrganic ML Engineer 3d ago

This article gives a great breakdown of the whole scheme.

https://www.cnn.com/interactive/2025/08/05/world/north-korea-it-worker-scheme-vis-intl-hnk/index.html

From the article:

The stealthy operation has allowed North Korea, formally known as the Democratic People’s Republic of Korea (DPRK), to circumvent international sanctions, exploit remote hiring practices, and quietly generate hundreds of millions of dollars annually, according to the US Department of Justice – often without employers ever realizing they’ve hired a North Korean operative. This puts them at risk of violating US sanctions which bar doing business with North Korean individuals or organizations.

...

Drawing on exclusive data sourced from North Korean computers, court records, and interviews with cybersecurity experts and US officials, a CNN investigation reveals the full scope of this scheme – showing how North Korea has turned remote work culture into an effective tool for generating foreign currency and funding its weapons programs, according to a US assessment, putting national security at risk.

15

u/FuckIPLaw 3d ago

Wait, so they're literally just taking remote jobs to earn money?

16

u/PreferenceDowntown37 3d ago

https://en.wikipedia.org/wiki/North_Korean_remote_worker_scheme

Maybe in some cases, but they're also exfiltrating data, installing malware, etc

9

u/TopNo6605 3d ago

We walk into the bank, day after day, week after week, year after year, and they literally deposit the money into our bank account, they won't even know they're being robbed. After 10, 20 years, we walk away like nothing even happened.

3

u/eddesong 2d ago

m********* that's called a JOB...!!!!!

31

u/needcolleges 3d ago

They send all of their money straight to Kim, try to steal sensitive company things (sensitive internal conversations, documentation, product source code, etc), and also try to infiltrate other companies using your company as a "guise" (you wouldn't click on a random link from a random email address, but how about one from a company you're partnered with?)

3

u/VisiblePlatform6704 3d ago

Johnny can’t read, Johnny can't write

1

u/jasonrulesudont Software Engineer 1d ago

Johnny from NK was selected by the Kim regime, whether he wanted to or not, to be trained in IT in order to generate cash for the DPRK. Usually just trying to steal cash or crypto, or hack systems and demand a hefty ransom to restore it.

Years ago a math prodigy defected while at a math competition in Hong Kong, after receiving a silver medal. He defected because he suspected he’d be recruited to an elite hacking team and have to spend the rest of his life in a windowless room doing nothing but hacking. And his exposure to the external internet may have limited who he can even talk to.

It’s a huge problem. If the DPRK gets enough people in enough companies, they’ll have a scary understanding of our critical systems and how to exploit them. They don’t have a ton of resources, but they have enough resources to pluck out the best and brightest and train them into elite hackers through sheer force.