Since COVID, there has been a surge in fraud as a result of remote work. And naturally, the DPRK wants to be in on it. When I opened up some remote roles a while ago I was flooded with thousands of applications, that looked somewhat similar. I then did what any cyber security professional would do: I did some deep digging into the operation. Uncovering greenscreen computer vision usage to pass identity verification Laptop mules on US soil Use of questionable VPNs and KVMs to control remote devices Exposing what they would do when they get access to your internal tools Why they do it and the degrees of damage they are willing to do. Exposing some never talked about before details about the investigation that resulted in 29 property searches, 5 arrests and imprisonments of enemies of the state.