- Across the Fortune 500 on down to small startups, companies are trying to lessen the possibility of accidentally hiring someone from North Korea posing as an American with a stolen identity. One tech founder has found what he believes is a simple, inexpensive solution.
The names on their résumés are usually ultra-American-sounding, like “Mike Smith” or “Thomas Williams.” Their bios on social media, or the tech platform GitHub, are often generic-sounding but nevertheless emphasize deep experience in decentralized finance and web development. Their home addresses are often located smack-dab in the middle of remote areas. And while there’s a chance the person behind the avatar might be legitimate, Harrison Leggio, cofounder of crypto token launchpad g8keep, says he takes one final, crucial step before setting up a call for a job interview with any potential candidate.
“Say something negative about Kim Jong Un,” Leggio tells potential job candidates, referring to the third-generation authoritarian supreme leader of North Korea, officially the Democratic People’s Republic of Korea (DPRK).
At that point, the person on the other end of the text or direct message will usually panic and block him, he said.
“It sounds so ridiculous, but this seems to be a foolproof way to weed out North Korean engineers,” said Leggio. “It started as a joke.”
The DPRK plan
Human Rights Watch calls North Korea one of the most repressive countries in the world. Its leader, Kim Jong Un, is accused of widespread humanitarian offenses against DPRK citizens including torture, executions, imprisonment, forced labor, and denial of basic liberties. North Koreans are directed to revere Kim. Insulting the country’s leader, particularly within earshot of other North Korean citizens, could lead to serious consequences.
The country has been under some form of sanctions since the early days of the Korean War in the 1950s, but it’s been the target of fresh sanctions from the U.S., EU, Japan, and South Korea for most of the past two decades to stymie its development of nuclear weapons. In response, authorities say, DPRK leaders have turned to organized crime to continue funding its weapons of mass destruction program and to bolster Kim’s personal wealth. One wildly successful scheme North Korea has developed is its IT workers scam.
The scheme took shape around 2017; eight years later, North Korea now presides over a flourishing and lucrative program in which teens and children with signs of software and engineering aptitude are plucked from schools at an early age to get elite tech training. They are then dispatched to locations in China and Russia where they work in factories, using AI and deepfake technologies to get jobs at American and European companies. In some cases, single engineers hold six or seven jobs apiece.
The Department of Justice claims the North Korean IT workers send their tech salaries to the government to fund weapons and operations, and they’re also tasked with helping organized crime networks hack organizations for surveillance purposes, ransomware attacks, and heists of cryptocurrency. Since 2018, the IT scheme has generated hundreds of millions in revenues each year, according to the Department of Justice, and hundreds of Fortune 500 companies have inadvertently hired thousands of North Korean IT workers. Cybersecurity experts say the financial success of the sprawling scheme and its evolving sophistication mean it will likely expand in 2025.
Leggio tells Fortune tech founders see these North Korean engineers on a near-daily basis. Before he started asking prospective applicants to insult Kim before proceeding with any job interviews, Leggio said he would continually get onto calls with someone who clearly had a Korean accent, who would often say they couldn’t turn their camera on.
When they did, the time of day wouldn’t match the time it was supposed to be in Canada, for instance, and the person Leggio was interviewing would be in a room where you could hear multiple ongoing interviews and dozens of people in the background. Leggio said interviewees also couldn’t really accurately discuss their past work as developers, despite what was on their bios.
Ultimately, as someone trying to grow a business, it was a waste of time to get bogged down in résumés from North Korean engineers. On a whim, he asked someone to make a negative comment about Kim after researching North Korea and the punitive and harsh conditions DPRK citizens exist in.
Now, he said, it’s easier if the engineers block him or just don’t reply after he makes the ask.
“I get messages from people daily with screenshots saying, ‘We caught one of them,’ or ‘This guy joined our Discord and messaged me on Telegram,’” said Leggio. “It sounds so ridiculous, but this seems to be one foolproof way of weeding out North Korean engineers.”
