In a significant operation, Microsoft has suspended 3,000 Outlook and Hotmail accounts linked to North Korean IT workers involved in a global job fraud scheme. This initiative, termed “Jasper Sleet” by Microsoft’s Threat Intelligence team, highlights the extensive nature of the scam. The US Department of Justice collaborated in this crackdown, seizing hundreds of laptops, 29 financial accounts, and shutting down nearly 24 websites. Authorities conducted raids on 29 “laptop farms” across the United States, where Americans were aiding foreign workers in gaining unauthorized access to remote jobs. These accomplices either installed remote access tools on company-issued laptops or shipped them to countries like Russia and China. Some Americans even rented out their identities to assist North Koreans in applying for US tech jobs. A notable case involved a Maryland nail salon worker who managed 13 remote IT jobs for North Korean workers, earning nearly $1 million through this illegal activity. After pleading guilty to conspiracy to commit wire fraud, he is scheduled for sentencing in August. This case is part of a broader effort to curb North Korea’s use of overseas tech jobs to fund its regime. According to Microsoft Security, North Korea has deployed thousands of remote IT workers to secure jobs in software and web development as part of a revenue generation scheme for the North Korean government. These skilled workers, often based in North Korea, China, and Russia, use virtual private networks (VPNs) and remote monitoring and management (RMM) tools alongside willing accomplices to hide their locations and identities. Historically, North Korea’s fraudulent remote worker scheme has targeted US companies in technology, critical manufacturing, and transportation sectors. However, there is an observed shift towards targeting various industries globally that offer technology-related roles. Since 2020, the US government and cybersecurity community have identified thousands of North Korean workers infiltrating companies across diverse industries. The scheme reportedly generates up to $600 million annually according to UN estimates. The IT workers share information with more malicious cyber attackers who have stolen billions in cryptocurrency. The revenue from this scheme and illicitly obtained crypto funds are used to support DPRK authoritarian ruler Kim Jong Un’s nuclear weapons program, as reported by the FBI and the US Department of Justice.