🚨 North Korean Dev Ring Busted Using Fake IDs to Land Jobs

A new expose has revealed a shocking scheme — a North Korean IT crew running over 30 fake identities to sneak into developer roles at global companies.

Here’s how they pulled it off:

Bought verified Upwork & LinkedIn accounts using stolen government IDs.

Worked remotely through AnyDesk, masking their real location.

Managed tasks via Google Drive and other Google tools.

Purchased SSNs, AI tool subscriptions, and VPNs to look legit.

Even used Google Translate constantly for Korean ↔ English conversions.

One wallet tied to the crew (0x78e1) is linked to a $680K hack on Favrr in June 2025. Investigators have traced some IPs back to Russia, adding another layer of complexity.

⚠️ With recruiters dropping their guard and platforms not sharing enough intel, these kinds of operations are slipping through the cracks — until it’s too late.