North Korea sent me abroad to be a secret computer worker. My wages financed the regime

Jin-Su said over the years, he has used hundreds of false IDs to apply for computer information remotely with Western companies. It was part of a large infiltration program aimed at raising funds for North Korea.

Juggling with several jobs across the United States and Europe would make it at least $ 5,000 (£ 3,750) per month, he told BBC in a rare interview. Some colleagues, he said, would earn much more.

Before defection, Jin -Su – whose name was changed to protect his identity – was one of the thousands of people who would have been sent abroad in China and Russia, or African countries and elsewhere, to participate in the dark operation managed by Secret North Korea.

North Korean IT workers are closely monitored and few have spoken to the media, but Jin-Su gave in-depth testimony to the BBC, giving an overview of what daily life is for those who work the scam and how they work. His first -hand account confirms a large part of what has been estimated in the UN and cybersecurity reports.

He said that 85% of what he won had been returned to finance the regime. North Korea short of money has been under international sanctions for years.

“We know it’s like a flight, but we just accept it as our fate,” said Jin-Su, “it’s always much better than when we were in North Korea.”

Secret IT workers generate $ 250 million to $ 600 million a year for North Korea, according to a United Nations Security Council report published in March 2024. The program exploded in the pandemic, when remote work has become commonplace and has been increasing since, the authorities and cyber-defensers warn.

Most workers are after a constant pay check to be returned to the diet, but in some cases they stole data or hacked their employers and demanded the ransom.

Last year, an American court charged 14 North Koreans which would have won $ 88 million by working as disguised and extracting American companies over a period of six years.

Four other North Koreans who would have used fraudulent identities to guarantee remote computer work for a cryptocurrency company in the United States was charged last month.

Jin-Su was a computer worker for the regime in China for several years before defection. He and his colleagues would work mainly in teams of 10, he told the BBC.

Internet access is limited in North Korea, but abroad, these IT workers can work more easily. They must disguise their nationality not only because they can be paid more by usurping the identity of Westerners, but because of the vast international sanctions in North Korea, mainly in response to its nuclear weapons and its ballistic missile programs.

This regime is distinct from the hacking operations of North Korea which also collect funds for the regime. Earlier this year, the Lazarus group – a sadly famous hacking group that works to work for North Korea, although they never admitted it – would have stolen $ 1.5 billion (1.1 billion pounds sterling) from the Bybit cryptocurrency company.

Jin-Su spent most of his time trying to get fraudulent identities he could use to apply for jobs. He would first present himself as Chinese and contact people in Hungary, Turkey and other countries to ask them to use their identity in exchange for a percentage of his profits, he told the BBC.

“If you put an” Asian face “on this profile, you will never get a job.”

He would then use these identities borrowed to approach people in Western Europe for their identity, which he would use to apply for jobs in the United States and Europe. Jin-Su has often managed to target British citizens.

“With a little discussion, the people of the United Kingdom have transmitted their identity so easily,” he said.

IT workers who speak English better sometimes manage the process of applications. But jobs on independent sites do not necessarily require face -to -face interviews, and often daily interactions take place on platforms like Slack, which facilitates the claim to be someone you are not.

Jin-Su told the BBC that he had above all targeted the American market, “because wages are higher in American companies”. He said that so many IT workers found jobs, often companies would involuntarily hire more than a North Korean. “It happens a lot,” he said.

It is understood that IT workers collect their income thanks to networks of facilitators based in the West and in China. Last week, an American woman was sentenced to more than eight years in prison for aid to North Korean IT workers to find a job and send them money.

The BBC cannot independently verify the specifics of Jin-Su’s testimony, but through PSCORE, an organization that advocates North Korean human rights, we have read the testimony of another computer worker who defeated who supports Jin-Su’s assertions.

The BBC also spoke to a different defector, Hyun-Seung Lee, who met the North Koreans by working there while he was traveling as a businessman for the diet in China. He confirmed that they had had similar experiences.

The BBC spoke to several hiring managers in the cybersecurity sector and the development of software who say they have spotted dozens of candidates they suspect are North Korean IT workers during their hiring processes.

Rob Henley, co-founder of Ally Security in the United States, recently hired for a series of remote vacant positions in his office, and thinks he has interviewed up to 30 North-Korean IT workers in the process. “At the start, it was like a game to a certain extent, like trying to understand who was real and who was false, but it became quite annoying quite quickly,” he said.

Finally, he used candidates on video calls to show him that it was the day they were.

“We only engage candidates in the United States for these positions. It should have been at least light outside. But I have never seen daylight.”

In March, Dawid Moczadło, co-founder of Vidoc Security Lab based in Poland, shared a video of a distance job interview which he led when the candidate seemed to use artificial intelligence software to disguise their faces. He said that after talking about experts, he thought that the candidate could be a North Korean IT worker.

We contacted the North Korean Embassy in London to put the allegations of this story to them. They did not respond.

North Korea has sent its workers abroad for decades to win the state foreign currency. Up to 100,000 are employed abroad as factory or catering workers, mainly in China and Russia.

After several years of life in China, Jin-Su said that the “feeling of confinement” on his oppressive working conditions was devoted.

“We were not allowed to go out and we had to stay inside all the time,” he said. “You can’t exercise, you can’t do whatever you want.”

However, North Korean IT workers have more freedom to access Western media when they are abroad, said Jin-Su. “You see the real world. When we are abroad, we realize that something is wrong in North Korea.”

But despite this, Jin-Su said that few North Korean IT workers have thought of escaping like him.

“They just take the money and go home, very few people would think of the defection.”

Although they only keep a small proportion of what they earn, it is very much worth in North Korea. The defection is also extremely risky and difficult. Monitoring in China means that most are captured. These rare people who succeed in defection could never again see their family again, and their loved ones could incur their punishment.

Jin-Su is still working now that he has defected. He says that the skills he has perfected by working for the diet helped him settle in his new life.

Because he does not work several jobs with false identity documents, he earns less than when he worked for the North Korean regime. But because he can keep more from his income, overall, he has more money in his own pocket.

“I used to make money by doing illegal things. But now I work hard and earn the money I deserve.”