large set of leaked documents has exposed how North Korea secretly runs a global remote-work network. These files—spreadsheets, chat logs, and other records—were shared by a cybersecurity expert named “SttyK” at the Black Hat conference on August 7.
The documents show about 140 North Korean software developers, split into 12 teams, working long hours—up to 14 hours a day. They keep detailed records of job applications, earnings, and equipment. Their boss oversees everything closely. These workers use fake or stolen identities and laptop farms (large groups of computers) to pretend they’re regular employees. They rely on popular U.S. tech platforms like Google, GitHub, and Slack.
Big Money for Dangerous Projects
The United Nations estimates this program brings in $250 million to $600 million a year for North Korea. The U.S. government believes this money helps fund nuclear weapons and missile programs, which are banned by international sanctions.
The leaked files mention Kim Chaek University of Technology and Ryonbong General Corporation—two organizations already blacklisted for helping with weapons development.
U.S. Cracks Down
In one case, a woman in Arizona named Christina Chapman was sentenced to 8 years in prison. She ran a setup with 90 laptops that helped North Korean workers get jobs at 309 American companies, earning $17 million for North Korea.
In another case, the Justice Department is trying to recover $1.01 million in cryptocurrency (Tether). Investigators say three North Korean developers working at a New York blockchain company stole the money in 2024 and laundered it through different blockchains.
What It Means
These cases show how North Korea mixes normal-looking freelance jobs with cybercrime to secretly fund its weapons programs.
#NorthKoreaRemoteWork #CyberInfiltration #DigitalEspionage #FakeIdentities #LaptopFarms
