I’m a little unclear on the usage of the word “fake” here.
Going by article, these are real people doing actual real work, they often use stolen identities to conceal information about themselves, and they get help from outside sources to do their jobs better.
Whatever the right word is, it’s not “fake”. Maybe fraudulent? Or ulterior motives? Or deceptive? Or pretext? Or threat actor? Or foreign agents?
I agree - this is closer to bonded labor though the paying employer doesn't know it. Instead most of their earnings go to their actual employer (which is the North Korean state). "slave" maybe is more appropriate? "prisoner"?
The implication is that they're pretending to be legitimate employees whereas they are actually exfiltrating IP from a hostile nation state. Seems valid.
"Fake" seems fine. If I buy a fake watch, that might mean that it's a real watch that does its job of telling time, but it says "Rolex" on the front and that's a lie.
I agree that fake is an odd word to describe this. Most likely much of our IT infrastructure is extremely compromised. I wouldn't be surprised if some of the major password/healthcare/etc... leaks in the past 6 years were the result of someone "accidentally" setting a cloud bucket to public.
I actually turned down a fly-to-texas for an in person interview about a year back, but I do think in the age of the internet if we don't sacrifice some of the things we have taken for granted in the past, we're going to lose our country. Perhaps there should be a law that requires a picture of any employee standing next to their boss for continued employment - at some point in the future. (this is just an idea, not to start a flamewar, don't attack the specific idea, but attack the idea of some kind of extra checking if you don't agree with it)
It's North Korea though and they're all eViL. Imagine a world where the U.S lifted sanctions on N.K. traded with them and stopped crying about losing a war 70 years ago. Ah well a boy can dream.
Edit:
Lol saying anything positive about North Korea on hacker news and people instantly freak out. This fucking website man. North Korea isn't what I would call a free society but it's also not the hell on earth that most liberals want you to think it is. So much of the misery that normal North Koreans have to face is because of western imposed sanctions. We've tried punishing them for 30 years now, it hasn't destroyed the regime if anything they double down. I guess it's easy for a bunch of overfed over paid tech workers to not feel any kind of solidarity for a North Korean though and insist on punishing them even more. Hell the North Korean government would even be open for this kind of agreement if we would actually guarantee their sovereignty, sadly trusting the United States of America to hold up any kind of deal you make with them is fucking impossible.
Here is a quote I came up with but is attributed to Henry Kissinger
Having the United States as your enemy is dangerous, but having them as your friend is fatal.
That old bag liked it so much he had no problem taking credit for it.
Who cares what they're called. Main concern in this case is that the result of their work poses danger to the US. Like a spies. They often do legit work and meanwhile some "extra"
A friend of mine got two such "fake" candidates for a coding interview. His experience reminded me of those "Nigerian Prince" emails from 20 years ago.
These two gentlemen had western names (like "Brandon Smith") but Asian features and a tenuous grasp of spoken English; even though they claimed to have undergrad degrees from US universities. And he could tell they were looking at another screen to copy code from. After just a few minutes he realized what was going on, but continued the interview just to get the experience.
North Korea runs like a big organized crime family that specializes in forced labor human trafficking and drugs. I've read that they even operate overseas businesses that send slaves that aren't allowed to leave those businesses such as for timber harvesting in the Russian far east and various businesses in South East Asia.
The Latin American cartels operate almost like miniature North Koreas.
The numbers in the headline seem odd. They imply that each (fake|fraudulent) worker only nets $5000 per year for Kim. I know the system has some inefficiencies where people behind the scenes are helping the "employee" with the work and there are cost of living expenses, taxes etc. but that seems like a pretty low take.
If anyone pays so much money to someone they never met, or _dependable_ know their identity, that seems like a major fail.
The whole idea that someone who couldn't legally enter the US, gets easier clearance than any tourist, or foreign academic with an opinion about the current gov that seems uncomfortable to them baffles me.
Not the first time some priorities seem out of touch with reality.
>Alternatively, there is a killer interview question, as reported by The Register previously: ask them something like "How fat is Kim Jong Un?" and if they are a North Korean, they will terminate the call instantly.
I wonder if they know that he is fat and are afraid to tell, or that it is strictly forbidden to answer these types of questions. I don't really believe this "hack" can work long term.
It's pretty impressive how far American salaries go in other countries. Between thousands of applications, if you manage to snag a single IT role with a larger corp you're potentially getting the local equivalent of dozens of people's regular income.
Genuinely baffled by the logistics of this. The article makes it sound like these are large numbers of people in NK or surrounding countries who rely on Google translate, so not sophisticated spies or whatever.
Even if they get their hands on a fake American ID, these are taxable, insured jobs, they're not working at a restaurant under the table. IT companies ship out hardware, where are these people banked etc?
How does this practically look, officially you're working with Mark Johnson but you end up on a zoom call with a guy who speaks broken English and connects from the other part of the world and you're not suspicious?
A buddy of mine recently got a suspicious request which I'm pretty sure is how these NK workers are getting jobs. In this case, the dev is allegedly from Japan. But I don't think the NK folk are out there proudly stating they are from NK.
"Thank you for your reply. You’ll only need to spend about 1–2 hours maximum in a day for our collaboration.
We need a person who has experience in software development. so I tried to find a collaborator on github and also found your profile on it.
I will explain why I'm looking for a collaborator.
The reason is that the job market between the US and Japan is significantly different - often 2 to 3 times in rates. Because of this, I focused on working with US clients. I usually work at night and sleep during the day due to the time zone difference. However, even though I adjust my schedule, US clients often hesitate to hire me because they're uncomfortable with the time zone difference or concerned about communication due to our non-native English.
To solve this, I tried to collaborate with an US developer who communicates with clients, while I focus on the development work. You wouldn't need to develop anything yourself unless you want.
You don’t need to develop any code or communicate with the client. All you need to do is attend the meetings on video calls. You’ll only need to spend about 1–2 hours maximum in a day for our collaboration.
In return for your participation, I’d like to propose the following arrangement: for the first job we secure, we’ll split the total income 50/50 after taxes. Starting from the second job, you’ll receive 30% and I’ll receive 70% of the total income.
I'm not looking for a random US person - I'm specifically looking for someone with solid development experience. Even though I don't require any coding from the collaborator, without development experience they can't handle client communication properly or understand project requirements.
That's why I found your profile on GitHub and decided to reach out to you.
Could we have a meeting to discuss more in more detail?
I have a clear strategy to get a success and looking forward to your reply"
It's evident starting in 2017-2018 with the surge of the price of crypto and the rise of WFH with COVID, North Korea pivoted from rockets to much more lucrative and safer cyber theft to enrich its leadership and attack the West. A success. Policy makers don't care.
DPRK prisoner-conscripts are competitive at enduring fifteen rounds of skull-numbingly repetitive interviews only to get a sh!t offer, takes it anyway for the creds&lols, well surprise surprise
How is it that corporations can't get their act together wrt sensible hiring of remote workers? Before giving someone a final offer letter, why is it so difficult to meet them once (somewhere outside of North Korea and China)? The cost is negligible compared to a large salary.
What corporations actually do for verification also is equally damning. They ask for references, which no coworker really has an obligation to give, and it comes in the way of independent thought. Meanwhile, those from North Korea will sail through this blocker by having their fellow countrymen serve as references.
I'm so tired of this intellectually dishonest phrasing of making everything about "controversial" individuals whenever they're perceived as being the current villain, whether that's Putin, Elon, Kim or whatever.
145 comments
Going by article, these are real people doing actual real work, they often use stolen identities to conceal information about themselves, and they get help from outside sources to do their jobs better.
Whatever the right word is, it’s not “fake”. Maybe fraudulent? Or ulterior motives? Or deceptive? Or pretext? Or threat actor? Or foreign agents?
I actually turned down a fly-to-texas for an in person interview about a year back, but I do think in the age of the internet if we don't sacrifice some of the things we have taken for granted in the past, we're going to lose our country. Perhaps there should be a law that requires a picture of any employee standing next to their boss for continued employment - at some point in the future. (this is just an idea, not to start a flamewar, don't attack the specific idea, but attack the idea of some kind of extra checking if you don't agree with it)
Edit: Lol saying anything positive about North Korea on hacker news and people instantly freak out. This fucking website man. North Korea isn't what I would call a free society but it's also not the hell on earth that most liberals want you to think it is. So much of the misery that normal North Koreans have to face is because of western imposed sanctions. We've tried punishing them for 30 years now, it hasn't destroyed the regime if anything they double down. I guess it's easy for a bunch of overfed over paid tech workers to not feel any kind of solidarity for a North Korean though and insist on punishing them even more. Hell the North Korean government would even be open for this kind of agreement if we would actually guarantee their sovereignty, sadly trusting the United States of America to hold up any kind of deal you make with them is fucking impossible.
Here is a quote I came up with but is attributed to Henry Kissinger
Having the United States as your enemy is dangerous, but having them as your friend is fatal.
That old bag liked it so much he had no problem taking credit for it.
The Latin American cartels operate almost like miniature North Koreas.
The whole idea that someone who couldn't legally enter the US, gets easier clearance than any tourist, or foreign academic with an opinion about the current gov that seems uncomfortable to them baffles me.
Not the first time some priorities seem out of touch with reality.
>Alternatively, there is a killer interview question, as reported by The Register previously: ask them something like "How fat is Kim Jong Un?" and if they are a North Korean, they will terminate the call instantly.
I wonder if they know that he is fat and are afraid to tell, or that it is strictly forbidden to answer these types of questions. I don't really believe this "hack" can work long term.
Even if they get their hands on a fake American ID, these are taxable, insured jobs, they're not working at a restaurant under the table. IT companies ship out hardware, where are these people banked etc?
How does this practically look, officially you're working with Mark Johnson but you end up on a zoom call with a guy who speaks broken English and connects from the other part of the world and you're not suspicious?
"Thank you for your reply. You’ll only need to spend about 1–2 hours maximum in a day for our collaboration.
We need a person who has experience in software development. so I tried to find a collaborator on github and also found your profile on it.
I will explain why I'm looking for a collaborator.
The reason is that the job market between the US and Japan is significantly different - often 2 to 3 times in rates. Because of this, I focused on working with US clients. I usually work at night and sleep during the day due to the time zone difference. However, even though I adjust my schedule, US clients often hesitate to hire me because they're uncomfortable with the time zone difference or concerned about communication due to our non-native English.
To solve this, I tried to collaborate with an US developer who communicates with clients, while I focus on the development work. You wouldn't need to develop anything yourself unless you want. You don’t need to develop any code or communicate with the client. All you need to do is attend the meetings on video calls. You’ll only need to spend about 1–2 hours maximum in a day for our collaboration.
In return for your participation, I’d like to propose the following arrangement: for the first job we secure, we’ll split the total income 50/50 after taxes. Starting from the second job, you’ll receive 30% and I’ll receive 70% of the total income.
I'm not looking for a random US person - I'm specifically looking for someone with solid development experience. Even though I don't require any coding from the collaborator, without development experience they can't handle client communication properly or understand project requirements.
That's why I found your profile on GitHub and decided to reach out to you.
Could we have a meeting to discuss more in more detail? I have a clear strategy to get a success and looking forward to your reply"
I got an offer to "lend" my resume/identity to an upwork profile for a couple hundred per ... week iirc. Or was it month?
It could have been NK but it could have also been any other country where that makes financial sense. Or someone running a bunch of "AI"s.
> North Korean's 100k fake IT workers net $500M a year for Kim
So each made $5000 a year. They could have worked in China for better wages.
What corporations actually do for verification also is equally damning. They ask for references, which no coworker really has an obligation to give, and it comes in the way of independent thought. Meanwhile, those from North Korea will sail through this blocker by having their fellow countrymen serve as references.
> I had [the Register] explain to me three times what [Kim] got arrested for because it sounds an awful lot like what I do here every day.
Just terrible writing.