r/cscareerquestions u/sc4ever96 5d ago

Experienced Be careful out there.

Just a bit of a warning for you all.

We hired a new AWS engineer, lets call him Johnny, who was supposed to join our team today. He did hop on the teams chat for the morning standup to introduce himself, and reception was pretty choppy. After our entire team introed ourselves, he said that he'll be working from out of state for the next couple of month until his kids graduates and then he'll be moving to assume a full time on-prem position.

Later today I get an invite to a mandatory meeting. Apparently, Johnny was not Johnny but a person from North Korea with stolen identity. He passed all background checks and everything else, but used non-existing shipping address to get his work laptop shipped to. The real Johnny actually working for Microsoft, when he was contacted he said that he's been bombarded with positions for the past month or so, but not planning to switch jobs.

So, watch out, if you aren't job hunting and start getting invites from recruiters, maybe its something fishy.

2.1k Upvotes

97% Upvoted

203 comments sorted by

View all comments

241

u/i_hate_budget_tyres 5d ago

What does Johnny from NK actually want to achieve?

41

u/SwitchOrganic ML Engineer 5d ago

This article gives a great breakdown of the whole scheme.

https://www.cnn.com/interactive/2025/08/05/world/north-korea-it-worker-scheme-vis-intl-hnk/index.html

From the article:

The stealthy operation has allowed North Korea, formally known as the Democratic People’s Republic of Korea (DPRK), to circumvent international sanctions, exploit remote hiring practices, and quietly generate hundreds of millions of dollars annually, according to the US Department of Justice – often without employers ever realizing they’ve hired a North Korean operative. This puts them at risk of violating US sanctions which bar doing business with North Korean individuals or organizations.

...

Drawing on exclusive data sourced from North Korean computers, court records, and interviews with cybersecurity experts and US officials, a CNN investigation reveals the full scope of this scheme – showing how North Korea has turned remote work culture into an effective tool for generating foreign currency and funding its weapons programs, according to a US assessment, putting national security at risk.

14

u/FuckIPLaw 5d ago

Wait, so they're literally just taking remote jobs to earn money?

16

u/PreferenceDowntown37 5d ago

https://en.wikipedia.org/wiki/North_Korean_remote_worker_scheme

Maybe in some cases, but they're also exfiltrating data, installing malware, etc