Amazon Blocks 1,800 Job Applications from North Korea

December 23, 2025 | 08:31 pm

TEMPO.CO, Jakarta - The American technology giant, Amazon, has stated that it has blocked more than 1,800 citizens of North Korea from joining the company since April 2024. Washington claims that Pyongyang has been sending a large number of IT workers abroad to earn income and launder money.

In a LinkedIn post reported by CNA on Tuesday, December 23, 2025, Amazon's Head of Security, Stephen Schmidt, stated last week that North Korean workers had been "attempting to secure remote IT jobs with companies worldwide, particularly in the U.S."

He said that, in the past year, the company had seen a nearly 30 percent increase in the number of applications from North Koreans.

Schmidt stated that North Koreans typically use "laptop farms"-remote workers in the US operated from abroad.

He warned that this issue is not specific to Amazon and "likely occurs on a large scale across the industry."

Indications of North Korean workers, Schmidt said, include improperly formatted phone numbers and suspicious academic credentials.

Amazon Detects Infiltrator from North Korea

Previously, Amazon successfully detected infiltrators from North Korea who were secretly working at the company as system administrators. The perpetrator operated the machine from thousands of miles away, creating the illusion of legitimate employees based in the U.S.

This case is just one example of a much larger infiltration campaign.

It was revealed due to a 110-millisecond lag. His disguise was discovered because, usually, remote worker computers based in the U.S. would send keystroke data within 10 milliseconds.

According to The Times of India, Amazon estimated a quarterly 27 percent increase in the number of North Koreans attempting to join the company.

Amazon's success was largely due to its active pursuit of North Korean deceivers.

"If we hadn't been looking for the DPRK workers, we would not have found them," said Schmidt.

A disturbance in Amazon's security radar occurred earlier this year when a new sysadmin's Amazon laptop monitor alerted security personnel to unusual behavior.

Amazon security experts further investigated this distinctive "US-based remote worker" and determined that their remote laptop was being controlled from afar. This resulted in additional delays in keystroke input.

It turned out that North Korea had access to this Amazon laptop located in Arizona. In addition to suspicious computer network symptoms, the use of awkward American idioms and English language articles continued to serve as clues when speaking with these deceivers.

In July, a woman in Arizona was sentenced to more than eight years in prison for running a "laptop farm" that helped North Korean IT workers secure remote jobs at over 300 U.S. companies.

The perpetrator facilitated the fraud by providing hardware infrastructure that allowed North Koreans to route their traffic through U.S. IP addresses, making their activities appear domestic.

The scheme generated over $17 million in revenue for her and North Korea, officials said.

Cyber Warfare

Last year, Seoul's intelligence agency warned that North Korean agents had been using LinkedIn to pose as recruiters. They approached South Koreans working in defense companies to obtain information about their technology.

"North Korea is actively training cyber personnel and infiltrating key locations worldwide," said Hong Min, an analyst at the Korea Institute for National Unification.

"Given Amazon's business nature, the motive seems largely economic, with a high likelihood that the operation was planned to steal financial assets," added Hong Min.

North Korea's cyber warfare program has been in existence at least since the mid-1990s.

Since then, this program has grown into a 6,000-strong cyber unit known as Bureau 121, operating from several countries, according to a 2020 U.S. military report.

In November, Washington announced sanctions against eight individuals accused of being "state-sponsored hackers," whose illegal operations were conducted "to fund the regime's nuclear weapons program by stealing and laundering money."

The U.S. Department of the Treasury accused North Korea-affiliated cybercriminals of stealing over $3 billion in the past three years, primarily in cryptocurrencies.

Read: Amazon Data Center in Oregon Blamed for Cancer and Miscarriage Spike

Click here to get the latest news updates from Tempo on Google News

Amazon Rainforest Approaches "Hypertropical" Climate Not Seen in 10 Million Years

12 hari lalu

After the Amazon COP, It's MovementsThat Carry the Truth Forward

21 hari lalu

Amazon Data Center in Oregon Blamed for Cancer and Miscarriage Spike

22 hari lalu

What Is the Longest River in the World? Here's the Top 10 Ranking

39 hari lalu

Lula Urges Action as COP30 Climate Talks Kick Off in Amazon

42 hari lalu

Amazon to Lay Off 14,000 Corporate Workers It Bets Big on AI Efficiency

55 hari lalu

Massive Amazon Web Services Outage Cripples Major Global Platforms

21 Oktober 2025

Brazil Approves Oil Drilling Near Mouth of Amazon River

21 Oktober 2025

Outage at Amazon Cloud Service Unit Causes Major Disruption

20 Oktober 2025

Amazon and West Java Students Break Guinness World Record for Generative AI App

19 Oktober 2025