Amazon has disclosed that it prevented more than 1,800 individuals linked to North Korea from applying for jobs on its platform, citing growing concerns over covert attempts by Pyongyang to generate foreign revenue through overseas IT work.
The revelation was made by Amazon’s Chief Security Officer, Stephen Schmidt, who said the company has recorded a sharp rise in suspicious job applications tied to North Korean nationals seeking remote technology roles, particularly with US-based firms. According to him, such applications increased by nearly one-third over the past year.
Schmidt explained that many of the applicants rely on so-called “laptop farms,” in which computers are physically located in the United States but remotely operated from abroad, allowing foreign workers to appear as domestic employees. He stressed that the challenge is not unique to Amazon and is likely widespread across the global technology sector.
He added that common red flags include irregularly formatted phone numbers and questionable academic credentials, which have helped the company identify and block fraudulent applications.
US authorities have previously uncovered similar schemes. In July, a woman in Arizona was sentenced to more than eight years in prison for running a laptop farm that enabled North Korean IT workers to secure remote jobs at over 300 US companies. Investigators said the operation generated more than $17 million, with proceeds benefiting both the woman and the North Korean government.
South Korea’s intelligence agency has also warned that North Korean operatives have used LinkedIn to pose as recruiters in attempts to infiltrate defence-related firms and steal sensitive technological information.
Analysts say such activities form part of a broader strategy by Pyongyang to fund its programmes through cyber operations. North Korea’s cyber warfare efforts reportedly date back to the mid-1990s and have since expanded into a specialised unit known as Bureau 121.
In November, the United States imposed sanctions on eight individuals accused of state-sponsored hacking, alleging that the illicit activities were carried out to finance North Korea’s nuclear weapons programme.