'These actors are no longer relying solely on traditional cybercrime':
Experts uncover another massive North Korean fake IT worker scam network
Date:
Thu, 18 Jun 2026 17:10:00 +0000
Description:
Nisos uncovers a major IT worker scam operation - with North Koreans once again apparently at the helm.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Nisos uncovers large DPRK employment fraud campaign embedding operatives in US tech firms 22 agents submitted 166k+ applications, landing 21k+ interviews and 76 job offers using stolen identities, AI tools, and local standins Targets were mostly software/data roles; scheme blended deception and AI tactics to generate salaries and access systems for regime revenue Security researchers have uncovered a massive North Korean operation aimed at getting state-sponsored operatives hired in US-based technology firms.
Nisos published an in-depth report detailing how the group used stolen identities , AI tools, remote access technologies, and even locals, to get hired. Shockingly, the campaign resulted in 76 job offers, roughly 3.5 offers per agent. Latest Videos From Watch full video here: Heavy use of AI Nisos said the investigation started when a suspected North Korean operative
applied for a remote AI architect position with the company.
Working with law enforcement, the company uncovered a cell of 22 individuals who have, between December 2024 and September 2025, submitted at least
166,893 job applications, landing more than 21,645 interviews with US companies. You may like North Korea accounts for almost half of all attacks against tech industry Microsoft experts warn North Korean attackers are targeting macOS users North Korean hackers are at it again phishing scheme targets hundreds of workers to try and steal crypto and more
The operation was well organized, Nisos said, and had administrators, managers, team leads, operatives, and more. Members communicated via Discord, used performance-tracking dashboards, and identity brokers.
Each operative managed multiple employment personas at the same time, and tracked different metrics such as number of applications submitted,
interviews completed and offers received. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me
with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
To increase their legitimacy, the scammers relied heavily on AI . They used AI-generated resumes, AI-assisted interview coaching, as well as real-time response generation during interviews. Furthermore, they used voice-training applications to improve their chances of securing the job, and when they were required to show up in person or go through onboarding sessions, they brought local stand-ins who were later paid in ERC20 cryptocurrency (Ethereum).
Most of the time, they targeted software engineering, development, and data-related roles (70%). Salaries for these positions ranged between $55,000 and $230,000.
DPRK employment fraud has evolved into a highly organized and scalable operation that blends human deception, technical tradecraft, and AI-enabled tactics, said Ryan LaSalle, CEO of Nisos. What makes this threat particularly concerning is that these actors are no longer relying solely on traditional cybercrime. They are embedding themselves within organizations, collecting salaries, gaining access to systems and data, and generating revenue for the regime through seemingly legitimate employment. The best antivirus for all budgets Our top picks, based on real-world testing and comparisons
Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/these-actors-are-no-longer-relying-sole ly-on-traditional-cybercrime-experts-uncover-another-massive-north-korean-fake -it-worker-scam-network
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)